from K.C. Jones at TechWeb
ID Vault is a a single-function USB token, contains a smart card chip that stores user names and passwords for all online accounts. It was created by GuardID Systems to protect users against phishing, pharming and keystroke logging. They forecast shipping 250,000 ID Vaults.Users can plug the “digital vault” into their PCs and click on icons for secured favorites. From there, they can choose the accounts they want to access. Pages loads automatically, saving the effort of launching browsers. The device sends encrypted data without requiring users to type access codes.
ID Vault relies on proprietary software to monitor and update IP addresses on a database of 4,000 financial institutions. If a hacker tries redirecting users to an invalid site, the program warns that it is not “compatible.”
If someone steals an ID Vault and attempts to log on to the owner’s accounts, the information is wiped from the memory after three unsuccessful logon attempts — but not before giving the opportunity to insert the 20-digit serial number that came with the device.
GuardID Systems offers a two-pack, with a spare token for backup, and the program allows users to print a copy of their user names and passwords. The financial site monitoring service is free for the first year and available by subscription after that.
The Federal Financial Institutions Examination Council decided last year to require banks to institute a two-layered authentication approach to prevent identity theft and account fraud. The council did not endorse specific technology, but identified USB tokens as one possibility. The council noted that the devices are difficult to duplicate, tamper resistant, user-friendly, convenient, and simple to implement.
“An effective authentication system is necessary for financial institutions’ compliance with requirements to safeguard customer information; to prevent money laundering and terrorist financing; to reduce fraud and the theft of sensitive customer information, often the precursor to identity theft; and to promote legal enforceability of financial institutions’ electronic agreements and transactions,” the council stated when delivering the guidance.
Forty-three percent 43% of Internet users, or about 63 million American adults, bank online, according to figures released last month by the Pew Internet and American Life Project.
Thompson said those users should be guarding access to financial information and other online accounts, especially as hacking becomes increasingly serious.
“Many, many of these hackers have gone from harassing you to trying to steal from you,” he said. “It’s generally random, not focusing on an individual. It’s the low-hanging fruit. Most people are not aware there is anything they can do to prevent ID theft, and people are spending fortune on ID theft insurance. It seems that the practical thing is to prevent it and they need to know that there’s a way to do that.”
Approximately 27 million American adults have been victims of ID theft in the last five years, according to the Federal Trade Commission.
Gardner Research said GuardID Systems could block phishing and pharming more proactively than browser plug-ins and enhancements.
GuardID Systems began shipping the product, which costs $49.95, to Circuit City, CompUSA and Best Buy last month. The product is also selling through Internet resellers like Amazon.com.