Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Wednesday, July 13, 2005

Bank Of America Rolls Out New Online Security System

Bank of America Corp. is rolling out a new online banking security system aimed at making it harder for cyberthieves to crack customer accounts, an effort that comes as the industry struggles with a recent string of high-profile security breaches.

“We definitely want to lead the industry by making online banking more secure,” Bank of America e-commerce executive Sanjay Gupta said.  “Right now, more than 50 percent of (banking) transactions take place online.”

The Charlotte-based bank already leads the U.S. market with 13.2 million online banking customers and 6.4 million people who pay bills online.

Bank of America launched its new online security system, called SiteKey, last month in Tennessee.  It is being rolled out this week in Virginia, Maryland and Washington, D.C., and should be available nationwide by the fall.

Several recent highly publicized security breaches have made fraud prevention a top priority for Bank of America and other U.S. banks.  In May, Bank of America and Wachovia Corp. were forced to alert more than 100,000 customers when New Jersey police charged nine people, including seven bank workers, in a plot to steal financial records of thousands of bank customers.  In February, Bank of America disclosed that it lost computer data tapes containing personal information on 1.2 million federal employees, including some members of the U.S. Senate.  The lost data included social security numbers and account information.

While the new system wouldn’t have prevented those breaches, it’s a sign of how seriously the bank takes the issue of security, said Jim Stickley of TraceSecurity Inc., a Baton Rouge, La.-based computer security company.  “I think the reason they are doing it is because of all the bad press they’ve been getting,” he said.

The challenge questions - all things that only the customer would be able to provide, such as the year and model of their first car - are then used along with a customer ID and a passcode to guard access to the account.

Because so many Web sites now require passwords, many Internet users have become careless and create easy-to-remember passwords that tend to be easy to guess.;jsessionid=Q20WOK44VGIHOQSNDBNSKH0CJUMEKJVN?articleID=165702498

Posted on 07/13