More than 75 percent of the bank Web sites surveyed in a University of Michigan study had at least one design flaw that could make customers vulnerable to cyber thieves after their money or even their identity, the university reported on Tuesday.
The research team examined the Web sites of 214 financial institutions. They found that these design flaws aren't bugs that can be fixed with a patch. They stem from the flow and the layout of these Web sites, according to the study.
The flaws include placing log-in boxes and contact information on insecure web pages, failing to keep users on the site they initially visited, allowing inadequate user IDs and passwords, and E-mailing security-sensitive information insecurely.
"To our surprise, design flaws that could compromise security were widespread and included some of the largest banks in the country," said lead investigator Atul Prakash.
The flaws leave cracks in security that hackers could exploit to gain access to private information and accounts. The U.S. Federal Deposit Insurance Corporation (FDIC) says computer intrusion, while relatively rare compared with financial crimes like mortgage fraud and check fraud, is a growing problem for banks and their customers.
Computer intrusions increased by 150 percent between the first quarter of 2007 and the second, according to the FDIC. In 80 percent of the cases, the source of the intrusion is unknown but it occurred during online banking.
Source:Xinhua
|
Comment
Tell A Friend
Print Format
Save Article