Chat with AI
Business Driven Technology 6th Edition by Paige Baltzan
Edition 6ISBN: 9780073376905Business Driven Technology 6th Edition by Paige Baltzan
Edition 6ISBN: 9780073376905 Exercise 149
Banks Banking on Network Security
Bank of America, Commerce Bancorp, PNC Financial Services Group, and Wachovia were victims of a crime involving a person trying to obtain customer data and sell it to law firms and debt-collection agencies. New Jersey police seized 13 computers from the alleged mastermind with 670,000 account numbers and balances. There is no indication the data were used for identity theft, but it highlights how increasingly difficult it is to protect information against such schemes as the market value of personal information grows. In the past, banks were wary of the cost or customer backlash from adopting network security technologies. Today, banks are beefing up network security as more customers begin to view security as a key factor when choosing a bank.
Bank of America
Bank of America is moving toward a stronger authentication process for its 13 million online customers. Bank of America's new SiteKey service is designed to thwart scams in which customers think they are entering data on the bank's website, when they are actually on a thief's site built to steal data. This occurs when a worm tells a computer to reroute the bank's URL into a browser to another site that looks exactly like the bank's.
SiteKey offers two-factor authentication. When enrolling in SiteKey, a customer picks an image from a library and writes a brief phrase. Each time the customer signs on, the image and phrase are displayed, indicating that the bank recognizes the computer the customer is using and letting the customer know that he or she is at the bank's official website. The customer then enters a password and proceeds. When signing on from a different computer than usual, the customer must answer one of three prearranged questions.
Wells Fargo Company
"Out-of-wallet" questions contain information that is not found on a driver's license or ATM card. Wells Fargo is implementing a security strategy that operates based on "out-ofwallet" questions as a second factor for network password enrollment and maintenance. It is also offering network security hardware such as key fobs that change passwords every 60 seconds. Last fall It launched a two-factor authentication pilot in which small businesses making electronic funds transfers need a key fob to complete transactions.
E*Trade Financial Corporation
E*Trade Financial Corporation provides customers holding account balances of more than $50,000 with a free Digital Security ID for network authentication. The device displays a new six-digit code every 60 seconds, which the customer must use to log on. Accounts under $50,000 can purchase the Digital Security ID device for $25.
Barclays Bank
Barclays Bank instituted online-transfer delays of between several hours and one day. The delays, which apply the first time a transfer is attempted between two accounts, are intended to give the bank time to detect suspicious activity, such as a large number of transfers from multiple accounts into a single account. The online-transfer delay was adopted in response to a wave of phishing incidents in which thieves transferred funds from victims' bank accounts into accounts owned by "mules." Mules are people who open bank accounts based on email solicitations, usually under the guise of a business proposal. From the mule accounts, the thieves withdraw cash, open credit cards, or otherwise loot the account.
Barclays also offers account monitoring of customers' actions to compare them with historical profile data to detect unusual behavior. For instance, the service would alert the bank to contact the customer if the customer normally logs on from England and suddenly logs on from New York and performs 20 transactions.
Explain the differences between the types of network security offered by the banks in the case. Which bank would you open an account with and why
Bank of America, Commerce Bancorp, PNC Financial Services Group, and Wachovia were victims of a crime involving a person trying to obtain customer data and sell it to law firms and debt-collection agencies. New Jersey police seized 13 computers from the alleged mastermind with 670,000 account numbers and balances. There is no indication the data were used for identity theft, but it highlights how increasingly difficult it is to protect information against such schemes as the market value of personal information grows. In the past, banks were wary of the cost or customer backlash from adopting network security technologies. Today, banks are beefing up network security as more customers begin to view security as a key factor when choosing a bank.
Bank of America
Bank of America is moving toward a stronger authentication process for its 13 million online customers. Bank of America's new SiteKey service is designed to thwart scams in which customers think they are entering data on the bank's website, when they are actually on a thief's site built to steal data. This occurs when a worm tells a computer to reroute the bank's URL into a browser to another site that looks exactly like the bank's.
SiteKey offers two-factor authentication. When enrolling in SiteKey, a customer picks an image from a library and writes a brief phrase. Each time the customer signs on, the image and phrase are displayed, indicating that the bank recognizes the computer the customer is using and letting the customer know that he or she is at the bank's official website. The customer then enters a password and proceeds. When signing on from a different computer than usual, the customer must answer one of three prearranged questions.
Wells Fargo Company
"Out-of-wallet" questions contain information that is not found on a driver's license or ATM card. Wells Fargo is implementing a security strategy that operates based on "out-ofwallet" questions as a second factor for network password enrollment and maintenance. It is also offering network security hardware such as key fobs that change passwords every 60 seconds. Last fall It launched a two-factor authentication pilot in which small businesses making electronic funds transfers need a key fob to complete transactions.
E*Trade Financial Corporation
E*Trade Financial Corporation provides customers holding account balances of more than $50,000 with a free Digital Security ID for network authentication. The device displays a new six-digit code every 60 seconds, which the customer must use to log on. Accounts under $50,000 can purchase the Digital Security ID device for $25.
Barclays Bank
Barclays Bank instituted online-transfer delays of between several hours and one day. The delays, which apply the first time a transfer is attempted between two accounts, are intended to give the bank time to detect suspicious activity, such as a large number of transfers from multiple accounts into a single account. The online-transfer delay was adopted in response to a wave of phishing incidents in which thieves transferred funds from victims' bank accounts into accounts owned by "mules." Mules are people who open bank accounts based on email solicitations, usually under the guise of a business proposal. From the mule accounts, the thieves withdraw cash, open credit cards, or otherwise loot the account.
Barclays also offers account monitoring of customers' actions to compare them with historical profile data to detect unusual behavior. For instance, the service would alert the bank to contact the customer if the customer normally logs on from England and suddenly logs on from New York and performs 20 transactions.
Explain the differences between the types of network security offered by the banks in the case. Which bank would you open an account with and why
Explanation
Verified
Verified
The case presents several forms of netwo...
Business Driven Technology 6th Edition by Paige Baltzan
Why don’t you like this exercise?
Other Minimum 8 character and maximum 255 character
Character 255
