Software shields online banking on infected PCs

IDG News Service - A U.K. security company is giving to banks, for free, security software that it says can block malicious software from manipulating online banking transactions or stealing data, even if the computer is infected.

The product, called SafeOnline, comes from Prevx, a security company in Derby, England.

The module is designed to offer an additional layer of security for secure browsing sessions conducted with SSL (Secure Sockets Layer) technology, indicated by the "https" in the URL (Uniform Resource Locator).

Cybercriminals are developing increasingly sophisticated software that, in what is known as man-in-the-middle or man-in-the-browser attacks, can intercept online banking transactions while in progress and transfer funds with the user believing nothing is awry.

SafeOnline installs its own kernel-level driver on Windows PCs. During a secure browsing session, all information from the keyboard is routed through that driver, which defeats attempts to record keystrokes or other interference, said Mel Morris, Prevx's CEO and CTO.

SafeOnline has been tested by Immunity, a company that specializes in evaluating security technology. SafeOnline was tested against some of the most sophisticated banking malware, including Zeus, SilentBanker and Mebroot/Sinowal/Torpig.

SafeOnline has other components, such as an antiphishing feature that prevents authentication information from being entered into a suspicious Web site. It also verifies DNS (Domain Name System) lookups against other trusted DNS servers, which helps prevent pharming, where a correct domain name leads to bogus Web site.

Banks that decide to use SafeOnline with their customers will also get an antimalware component that is in Prevx's other self-titled security product, Prevx 3.0.5.

Prevx is a small company in a brutally competitive security market, dominated by big players such as Symantec, McAfee and Trend Micro. Banks don't want to pay for security software, so Prevx decided to give it to those that want it for free, Morris said.

"I suppose to an extent you can argue from their perspective that had security vendors done their job there wouldn't be a need for such a product," Morris said.

So far, six banking organizations have expressed interest, he said. The banks have special requirements that Prevx is able to meet. Banks don't want to modify their Web sites to accommodate a security technology, they want something that is easy for users and is compatible with other security products their customers may be running, Morris said.

Prevx's software can run alongside other security suites. It was purposely created that way as a way for Prevx to get into the market against entrenched competitors, Morris said.

SafeOnline will detect and halt malware, but if a customer wants to remove the malware, they will have to pay a subscription fee, which is how Prevx will generate revenue. SafeOnline with the malware removal component will cost £15.95 (US$26) annually. SafeOnline is also a module in Prevx 3.0.5, which costs £24.95 a year.

Morris is hoping that customers see that Prevx outperforms other security suites by detecting more malware and then drop their subscriptions in favor of Prevx.

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.