IronKey Rolls Out Secure E-Banking On A USB StickIronKey Rolls Out Secure E-Banking On A USB Stick
Hardened device includes virtualized OS and a secure Web browser that goes directly to bank's Website
February 24, 2010
IronKey today announced a USB stick that performs secure online banking with its own virtualized operating system and locked-down browser.
Aimed at enterprises for their online business banking, as well as at banks to offer to their corporate customers, the IronKey Trusted Access for Banking device plugs into a computer and is activated with a password. It also runs an on-board malware scan, and the browser goes directly to the bank's online banking site.
"What's cool about this also is that we use SSL VPN out to our servers, or the bank can terminate it at their own servers," says David Jevans, CEO of IronKey. "All content is encrypted through the SSL VPN .. and it has the ability to mask traffic so the malware can't see you're going to the Bank of America [for instance]. Nothing can inject malicious content into the stream or tamper with any content with a man-in-the middle attack."
DNS cache-poisoning attacks won't work with the tool, either, because it deploys its own secure DNS channel, Jevans says.
"There's a whole, new suite of banking Trojans aimed at corporate users," Jevans says. And recommendations that corporate banking customers run a dedicated computer for online banking only isn't realistic for all organizations, he says, so the IronKey Trusted Access for Banking device provides a more manageable alternative.
IronKey remotely manages the device via its online service, and it includes an RSA SecurID token for one-time passwords. Pricing is $200 per year or less; IronKey will begin shipping the devices at the end of March.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Get the Gartner Report: SOC Model Guide
Gone Phishing: How to Defend Against Persistent Phishing Attempts Targeting Your Organization
The Evolving Ransomware Threat: What Business Leaders Should Know About Data Leakage