Phishing, viruses, banking Trojans and data thieves: The internet has become a dangerous place. This is all the more true when operating transactions online. According to a study from the intertrade organisation BITKOM, 75% of private customers and 57% of corporate customers are worried nowadays about their computer getting infected by viruses while surfing on the internet. Of course, every bank uses secure cryptographic methods for their online transfers, but the weakness does not necessarily comes from the bank’s side. Most of the time, it is sitting in front of the screen; that is, online-banking customers themselves. If the offender already managed to infiltrate the user’s computer, doors are wide open for him to manipulate online transactions as he pleases. It concerns both private customers on a small scale and business clients on a large scale. “Since even the most recent antivirus software rarely helps nowadays against highly specialised banking Trojans, CORONIC and PPI resolved to improve transactions’ safety from both private and corporate customers’ computers, so strongly that even an already present virus could not meddle with money transactions anymore”, said Dr. Frank Bock, executive manager of CORONIC GmbH. BITKOM’s study also indicates that these days, only half of German people uses online-banking. The other half avoids the use of the comfortable online transactions. According to a survey from Initiative D21, 76% of the latter put forward doubts about security as a reason for not using online-banking.
In the world of business banking, a so-called Secoder or chip card reader is specially used to perform online transfers. It is handled like an EC-card reading device found in banks, and necessitates a USB cable or Bluetooth to connect to the computer. TRAVIC-Sign, produced by PPI, establishes safe communication between the Secoder and online-banking. However, there is still a weakness in this chain of communication; namely the internet browser of the customer. Banking for private users is generally carried out directly in the browser. There, both the transaction data and the associated TAN-data are implemented. In the frame of the technological partnership between both security experts, the TRAVIC-Sign technology from PPI will be associated with the safe PROTECT-browser from CORONIC. Consequently, a new product is established, for secure banking by both private customers directly in the browser, and business companies using a Secoder. “As a result, all online-banking users in Germany will be strongly protected and will be able to completely shut out fraudsters and data thieves from the process” says Dr. Thorsten Völkel, board member of PPI AG. The objective of both corporations for the coming years is nothing less than to supply those who avoid online-banking because of safety concerns an absolutely secure software. And yet, a safe transaction is not the only outcome that interests the banks. All customers who use offline-banking submit their money transfers to their financial institution in writing as a so-called receipt. Support for such procedures generates for many banks costs that vary from 0.50 to 1.50€ per transfer document. Already, for banks with only as few as 100,000 clients, this amounts to millions in total per year. “The more clients adhere to the secure online-banking developed by PPI and CORONIC, the better for the banks” says Völkel.
The new secure browser including TRAVIC-Sign is already on the market for Microsoft Windows PCs, and will be presently implemented in about 130 banks and financial institutes in Germany. A version for Macintosch and Linux computers will follow by the end of 2016. With this new security technology, both corporations are expecting a simultaneous increase of their sales. Here, the focus has initially been on German financial institutes. The second step is to make the product available for international banks. “If everything goes smoothly, we could develop even further within the banking market with our combined forces” according to Bock and Vökel, who are excited about the new cooperation.
Background information about CORONIC GmbH’s “safer PROTECT-browser”
The function of a normal internet browser is to display any internet site or play any video. Therefore, a browser is at first the complete opposite of a secure software, as it allows anything and everything. The creators of viruses and Trojans have long thrived on this: Nowadays, almost every method of online-banking theft is based on the manipulation of browser functions through infiltrated malware. Thus, modern protection against phishing focuses directly on browsers. If the access of hijackers to internet browsers is prevented, online-banking cannot be manipulated any more and customers will no longer be cheated. For this purpose, CORONIC began the development of safe banking browsers in Kiel as early as 2007. It allows banking with optimised security, even if Trojans and malware have already infiltrated the computer. In 2010, the first PROTECT-browser was completed. It wards off Trojans and simultaneously prevents operator errors due to phishing for online-banking customers.
Background information about PPI AG’s “TRAVIC-Sign Plugin”
TRAVIC-Sign is designed for financial institutions and data processing centres who wants to provide more safety to customers of their web-applications against misuse and data manipulation via a strong security system. TRAVIC-Sign complements the browser so that it can be accessed from a chip card reader or a security token. As a result, customers can profit from the strong security system of the German credit services sector (Deutschen Kreditwirtschaft or DK).
In the world of business banking, a so-called Secoder or chip card reader is specially used to perform online transfers. It is handled like an EC-card reading device found in banks, and necessitates a USB cable or Bluetooth to connect to the computer. TRAVIC-Sign, produced by PPI, establishes safe communication between the Secoder and online-banking. However, there is still a weakness in this chain of communication; namely the internet browser of the customer. Banking for private users is generally carried out directly in the browser. There, both the transaction data and the associated TAN-data are implemented. In the frame of the technological partnership between both security experts, the TRAVIC-Sign technology from PPI will be associated with the safe PROTECT-browser from CORONIC. Consequently, a new product is established, for secure banking by both private customers directly in the browser, and business companies using a Secoder. “As a result, all online-banking users in Germany will be strongly protected and will be able to completely shut out fraudsters and data thieves from the process” says Dr. Thorsten Völkel, board member of PPI AG. The objective of both corporations for the coming years is nothing less than to supply those who avoid online-banking because of safety concerns an absolutely secure software. And yet, a safe transaction is not the only outcome that interests the banks. All customers who use offline-banking submit their money transfers to their financial institution in writing as a so-called receipt. Support for such procedures generates for many banks costs that vary from 0.50 to 1.50€ per transfer document. Already, for banks with only as few as 100,000 clients, this amounts to millions in total per year. “The more clients adhere to the secure online-banking developed by PPI and CORONIC, the better for the banks” says Völkel.
The new secure browser including TRAVIC-Sign is already on the market for Microsoft Windows PCs, and will be presently implemented in about 130 banks and financial institutes in Germany. A version for Macintosch and Linux computers will follow by the end of 2016. With this new security technology, both corporations are expecting a simultaneous increase of their sales. Here, the focus has initially been on German financial institutes. The second step is to make the product available for international banks. “If everything goes smoothly, we could develop even further within the banking market with our combined forces” according to Bock and Vökel, who are excited about the new cooperation.
Background information about CORONIC GmbH’s “safer PROTECT-browser”
The function of a normal internet browser is to display any internet site or play any video. Therefore, a browser is at first the complete opposite of a secure software, as it allows anything and everything. The creators of viruses and Trojans have long thrived on this: Nowadays, almost every method of online-banking theft is based on the manipulation of browser functions through infiltrated malware. Thus, modern protection against phishing focuses directly on browsers. If the access of hijackers to internet browsers is prevented, online-banking cannot be manipulated any more and customers will no longer be cheated. For this purpose, CORONIC began the development of safe banking browsers in Kiel as early as 2007. It allows banking with optimised security, even if Trojans and malware have already infiltrated the computer. In 2010, the first PROTECT-browser was completed. It wards off Trojans and simultaneously prevents operator errors due to phishing for online-banking customers.
Background information about PPI AG’s “TRAVIC-Sign Plugin”
TRAVIC-Sign is designed for financial institutions and data processing centres who wants to provide more safety to customers of their web-applications against misuse and data manipulation via a strong security system. TRAVIC-Sign complements the browser so that it can be accessed from a chip card reader or a security token. As a result, customers can profit from the strong security system of the German credit services sector (Deutschen Kreditwirtschaft or DK).
