Change Player Size
Watch this video in a new window

IBM Zone Trusted Information Channel (ZTIC)

More and more attacks to online banking applications target the user's home PC, changing what is displayed to the user, while logging and altering key strokes. In order to foil these threats, the ...  
 
Customize

More From: LazarusPayne

Loading...
Play All Stop Autoplaying | Play Next

QuickList(0)

Clear | Save

Related Videos

Upgrade to Flash Player 10 for improved playback performance. Upgrade Now or get more info.
20 ratings
Sign in to rate
23,665 views
Flag
close
Want to add to Favorites? Sign In or Sign Up now!
close
Want to add to Playlists? Sign In or Sign Up now!
close
Want to flag a video? Sign In or Sign Up now!

Statistics & Data

Loading...
Sign in to post a Video Response

Video Responses (0)

This video has no Responses. Be the first to Post a Video Response.
Sign in to post a Comment

Text Comments (12)   Options

Loading...
ZephyrChronicles (8 months ago) Show Hide
 0
Marked as spam
I guess John Smith never learns...

wouldn't this be dependent on the user? if the user is lasy and confirms without reading properly, wont this defeat the purpose?
furiousaaron (7 months ago) Show Hide
 0
Marked as spam
Nooooo, it shows up to the user that he is paying correctly but the hacker changes the destination
grajsor (1 year ago) Show Hide
 0
Marked as spam
And how hard can it be to insert a man-in-the-middle devicedriver that emulates this device and makes it even easier for fraud (if a lot of banks use this) by emulating both channels to the device(s) (bot the ztick and the bank). I'd say this LOWERS the chance of getting hit by fraudlent individuals, since they have easy targets.
mibZurich (1 year ago) Show Hide
 0
Marked as spam
The "bad guys" don't gain anything by inserting a MITM device driver as long as the ZTIC controls access to the "real secrets" (crypto keys, smart card, PIN, e.g.) and operates on them only after displaying to the user the data to be exchanged with the server: The user would see the MITM operations (and cancel the operation) and the server would not accept changes by the MITM software --assuming we trust TLS/SSL to be a secure protocol :-)
KurdoFighter (1 year ago) Show Hide
 0
Marked as spam
Hmmm what if a virus/malware-programmer creates a virus/malware for that stick? so when the user stops the usb the virus/malware copies it self to the stick and the stick is conatining virus? Then the stick is a bad idea?
mibZurich (1 year ago) Show Hide
 0
Marked as spam
If it were possible to load software onto the ZTIC, then you were right. However, it's been designed so that this should be _very_ hard (I'd say "impossible", but you never know :-) It'll be much harder than with PC's anyway :-)
KurdoFighter (1 year ago) Show Hide
 0
Marked as spam
Yeah but still, Blueray was said to be "unbrokeble", but today I saw some news that they have cracked it. So it is just matter of time until this stick is cracked too and then the virus-creators will just proceed. In my opinion this solution suck. But it is a better then what I would thought of ofc.;)
graydiggy (8 months ago) Show Hide
 0
Marked as spam
The ZTIC (or Zone Trusted Information Channel) is a dongle that allows for secure banking, even on a very infected machine. The way it works, is it opens an SSL connection with your banks servers, keeping data safe on its side (with no internal storage of its own) it doesnt have internal storage making what you say could happen, impossible.
bosna737 (1 year ago) Show Hide
 0
Marked as spam
bravo
mibZurich (1 year ago) Show Hide
 0
Marked as spam
In principle and technically, yes. For security reasons, ZTIC needs to be configured to support specific banks, though (it only connects to configured servers).

Would you like to comment?

Join YouTube for a free account, or sign in if you are already a member.