Banks enhance customer protection
FINANCIAL institutions are currently implementing Cronto technology to protect customers against the Man in the Middle (MITB) type of fraud attacks.
Cronto is available through Mobile Applications and secures the communication channel between the customer and the bank to protect transaction data from being altered.
This is according to the Bankers Association of Zambia (BAZ) Public Relations Officer, Miriam Zimba, in an interview.
Ms Zimba explained that Cronto technology was one way in which commercial banks and financial institutions could verify and protect customers against MITB attacks.
She said the data was presented in a manner that the user could confirm that it corresponded with their intended transaction before generating an authentication code based on the transaction’s details.
“Only the bank can generate this code and it can only be decrypted by the user’s mobile device.
“This unique approach to transaction verification simplifies the experience because it reduces the user interaction required to authenticate a transaction,” Ms Zimba said.
This, she explained, allowed all the encrypted transaction details to be communicated between the commercial bank and the customer without the risk of interception or tampering by hackers.
She indicated that as a result, commercial banks could offer a quick, user-friendly security solution that protected customers, and ensures compliance and ultimately improves the customer experience.
“Governments around the world have proposed or implemented various measures to provide access to encrypted communications or devices for purposes of national security, by law enforcement wings.
“However, Governments are cautioned to refrain from citing MITM attacks to enable law enforcement wings to unwarrantedly access private communications. Creating these capabilities greatly undermines security for all users and the infrastructure of the internet,” Ms Zimba said.
She said this was because undesirable criminal elements (hackers and cybercriminals) could use the same methods created for law enforcement purposes for their own undue advantage.