savramesh 37 Report post Posted February 23, 2010 Source K. Balaraju was thinking about an innovative way of teaching dance at Saarang using coloured squares on a transparent stage when he says he came up with the idea of secure online transactions that helped him finish his masters’ thesis and file four patents. On Monday, M.S.Ananth, director, Indian Institute of Technology-Madras (IIT-M), launched IndusInd Bank launched Polaris Software’s Intellect Privacy Card anti-phishing suite at IIT-M, Mr. Balaraju’s alma mater. Explaining the features of the card based on Mr. Balaraju’s idea, Polaris executives said internet banking customers would use multi-factor authentication to secure each transaction. The first level of security would be provided by the typical password-based login into the bank’s portal. The customer would be provided with a booklet of security cards – transparent sheets with grids of 10x6 squares with each square empty or shaded black or marked with a number. For each transaction, the customer would be prompted to use a particular card from the booklet and superimpose it on a grid generated by the portal on the computer monitor for that transaction. The numbers visible after such superimposition should be used as the password for that transaction. Each card may be used for a certain number of transactions and each booklet would contain five to ten cards. Customers may submit requests for fresh booklets similar to requests for cheque books. Since each transaction generated a unique password and a physical superimposition was required to generate it, typical phishing attacks including keylogging, screenlogging or using dictionary methods to decipher passwords would not work in this case, executives said. L.S.Ganesh, co-ordinator of the M.S.(Entrepreneurship) programme at IIT-M, said the Department of Management Studies had worked with the Department of Computer Science to come up with a user-ready product. Ramesh Ganesan, head of transaction banking, IndusInd Bank, said the bank had said the bank was actively looking for innovations to protect internet banking customers’ data. Share this post Link to post Share on other sites
::Hitesh:: 1,763 Report post Posted February 23, 2010 ^^^ Thanks for the info ! Share this post Link to post Share on other sites
city02 63 Report post Posted February 24, 2010 while this will take many years to reach indian sites, won't it be a lot quicker, cheaper, and greener to simply allow users to upload an image for the login page like yahoo mail? this would save the costs of printing / distributing the plastic booklets Share this post Link to post Share on other sites
petar 15 Report post Posted February 24, 2010 USe OPENDNS . they help identifying fishing sites. they even block them. Share this post Link to post Share on other sites
::Hitesh:: 1,763 Report post Posted February 24, 2010 ^^^ Google is doing same ! Share this post Link to post Share on other sites
Sadikk 301 Report post Posted February 25, 2010 how this idea is more innovative thn ICICI debit card grid?? Share this post Link to post Share on other sites
Harshal 11 Report post Posted February 25, 2010 How is the idea better than a VPN token that I get with my HSBC card? Share this post Link to post Share on other sites
csmart 472 Report post Posted February 25, 2010 this idea is not so innovative or as a matter seems to be more expensive compare to ICICI and HSBC.. my office has Employee account with ICICI and each card has nique grid on back. the user requires to enter requested number from the grid. one thing about HSBC is that you can use any "token" ie even i have token from them. i can use your token to log in. THIS IS WHAT MANY HAS TOLD ME AND DEEP DIGGING WITH SUCH TOKEN PROVIDERS AGREE. in certain cases that do happen. but still it needed to check i also doubt this method is useful as UK will be eliminating cheuqes from banking system from 2016. so definitely they will not be interested using one more "cheuqe" book... so to me, it may not be viable.. Share this post Link to post Share on other sites