Net banking set to introduce transaction monitoring

27.03.2006
Australian banks and financial institutions will soon use protocols to stem phishing attacks, similar to those used by credit card companies to stop fraud.

The system has been developed by RSA Security in conjunction with antivirus vendors to track and log suspicious e-mail phishing activity currently. Three international banks are already using the service and RSA Security predicts all Australian banks will be using it within two years.

RSA Security consumer solutions senior vice president, Naftali Bennett, said the system includes transaction monitoring for Internet banking and a globally linked database of fraudulent data relating to phishing and e-mail scams.

Users of the database include U.K.-based Barclays and U.S.-based Washington Mutual ."Globally, more than 100 banks are using proactive security programs and I believe it will only be a matter of weeks before banks in this region are up and running," Bennett said.

"The antifraud command center scans roughly 1.5 billion e-mails a day [in partnership with antivirus companies] to identify the location of spoofed Web sites. The system then maps out which computers are typically used to log in, so if someone logs in fraudulently from a different location and transfers money that action will be flagged as a high- risk transaction until it is validated by the account holder."

Bennett said the system creates both device and profile factors. If a fraudster attacks one bank, the others that are members of the network can automatically flag and block the fraudster, he said.