Panda pitches client security for banks

Panda pitches client security for banks


Banks can scan customer PCs for known malware

Security firm Panda has launched a software suite designed to secure e-banking and e-commerce transactions.

Panda Security for Internet Transactions is designed to allow banks to scan users' PCs to ensure that launching a transaction on their websites is not affected by any malicious code.

This eliminates the risk of passwords being stolen or other fraudulent operations, the company claimed.

"Fraud and online theft are responsible for considerable financial losses for users as well as banks and other companies that operate transactions over the internet with clients," said José Antonio López, director of corporate solutions at Panda.

"Online fraud has grown almost 40 per cent since 2006, and that is an alarming expansion of this threat."

Panda Security for Internet Transactions can be configured with options including making the application visible to users, customising the design and specifying the situations in which clients will be prevented from accessing the host website.

"Consumer confidence in online transactions will grow rapidly by ensuring that users, the weakest link in the online security chain, are protected," added López.

"For example, if the system detects that a user is infected with a Trojan that does not pose a threat to the transaction, the user can be allowed to access the website without delay.

"The administrator can then decide whether or not to advise the user that their computer is infected."

Banks and businesses using the service can also decide how to perform the scan on clients' PCs. For example, they can require them to run a scan before entering their details or, if they prefer, include it as a voluntary option.

The scan can also be run after the user identification process, on an intermediate web page, or on all the pages that the company chooses. All these parameters are managed and configured through a web console.

Scanning takes place in real time and is imperceptible to users. All that is required is the installation of a small ActiveX control the first time the remote client PC is scanned.