CallingID Introduces "Saftey Seal" - Strong Authentication
Solution Using Traditional Username and Password
San Jose, Feb. 14th 2006 – CallingID (www.callingid.com)
today announced a totally effective, multi-level solution, Safety Seal
that fully protects both the web site and the end-user from all known Internet
fraud, but doesn't require changing login procedures or installing software on
end-user's machine.
While the threats of Internet fraud have become major issues for e-commerce and
online banking, the more costly problem is a sizeable number of reluctant
consumers who will not conduct online transactions, online banking, or enter
personal information on a website because they don't know how to verify the
sites' legitimacy. One study found that almost 60% of U.S. households were
extremely concerned about banking online. Other recent research shows the first
decline in five years of U.S. households that believe Internet-based
transactions are secure.
CallingID solves these problems by providing a new service for sites registered
as "CallingID Safety Seal Verified" which fully protects the site's users when
they login to their web account.
The new guidance issued by the Federal Financial Institutions Examination
Council (FFIEC) requires strong authentication when a customer logs into his
bank account over the Internet. CallingID Safety Seal protects users
from every known form of Internet fraud, including phishing, pharming, spyware,
malicious proxies, Trojans and key loggers.
CallingID's technology is the most secure solution since it provides three
layers of protection: mutual authentication, full protection against phishing
and full protection to bypass spyware.
Safety Seal detects incidents where personal or confidential data, users
are about to send, might reach a site other than the protected site they had
intended sending data to. An immediate alert automatically calls users'
attention to prevent such action. CallingID encrypts the key sequence when
users type their password and prevents Trojans or spyware from detecting the
password typed. The spyware is given a misleading password while the real
password is securely transferred to the server.
CallingID Safety Seal automatically detects sites which use man in the
middle attacks and sites that redirect victims to login to their account by
spoofing DNS. These fraud sites will receive a misleading password and will not
be able to fool victims.
One of the most sophisticated attacks, effective even when the user
authenticates with a hardware token, employs proxy servers during the
authentication process, thus succeeding in tricking users into accessing their
web account through them. When the login process is completed, the proxy server
operator disconnects the user and continues the session using the victim's
identity.
"The critical need for a comprehensive anti-phishing and anti-spyware solution
has become a major concern for banks and e providers" said Yoram Nissenboim,
CallingID CEO. "Millions of users are being lured by Internet scammers to
access bogus websites, and submit their personal confidential details.
Customers need to feel confident that they have the best protection against
identity and money theft. CallingID provides the level of confidence and
security that clients seek while preserving their login process."
About CallingID
CallingID provides solutions that encourage usage of the Internet for business,
helping customers avoid Internet fraud (phishing, pharming, spyware and
Trojans) focusing on online banking, e-commerce and corporate sites as well as
individual Internet users. CallingID's offices are located in New Haven,
Connecticut and the R∓D team is based in Haifa, Israel.