Banks Fight Phishing And Ken Releases A New Book
By MortazaviBlog on Jun 01, 2005
Banks have begun fighting phishing.
For example, The Wall Street Journal is reporting that Bank of America will be requiring account holders to register a unique image with their online accounts. On subsequent visits, the image is displayed prior to the user entering his or her (or its?) password. Frequently used machines have to be "registered" (through cookies and IP addresses) with the online banking service for this to work. If an "unknown" computer is used, a challenge question will be posed.
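As an added illustration (not from the original post or from Bank of America), here is the flow just described modelled in Python: the bank signs a device-registration cookie, releases the customer's registered image only to a registered computer or after the challenge question is answered correctly, and only then would the password prompt follow. The function names, sample account and signing key are constructed for the example; the IP-address part of the device check is omitted.

```python
import hmac
import hashlib
import secrets
from dataclasses import dataclass, field

# Constructed per-deployment secret used to sign device-registration cookies.
SERVER_KEY = secrets.token_bytes(32)

@dataclass
class Account:
    image_id: str            # the picture the customer registered and left in the bank's trust
    question: str            # challenge question posed from an unregistered computer
    answer: str
    devices: set = field(default_factory=set)   # device ids registered for this account

def _tag(username: str, device_id: str) -> str:
    # The tag binds the cookie to the account name, so one customer's cookie
    # proves nothing when presented against another customer's login.
    return hmac.new(SERVER_KEY, f"{username}|{device_id}".encode(), hashlib.sha256).hexdigest()

def issue_device_cookie(username: str) -> str:
    device_id = secrets.token_hex(8)
    return f"{device_id}.{_tag(username, device_id)}"

def device_from_cookie(username: str, cookie: str, acct: Account):
    """Return the device id if the cookie is authentic and registered for this account, else None."""
    device_id, sep, tag = cookie.rpartition(".")
    if not sep or not hmac.compare_digest(tag, _tag(username, device_id)):
        return None
    return device_id if device_id in acct.devices else None

def pre_login(accounts: dict, username: str, cookie: str = "", answer: str = None) -> dict:
    """The step that runs BEFORE the password prompt. The image is shown only to a
    registered computer, or once the challenge question has been answered."""
    acct = accounts.get(username)
    if acct is None:
        return {"step": "error"}
    if cookie and device_from_cookie(username, cookie, acct):
        return {"step": "image", "image_id": acct.image_id, "set_cookie": None}
    if answer is not None and hmac.compare_digest(answer.strip().lower(), acct.answer.lower()):
        new_cookie = issue_device_cookie(username)       # "register" this computer
        acct.devices.add(new_cookie.split(".")[0])
        return {"step": "image", "image_id": acct.image_id, "set_cookie": new_cookie}
    # Unknown computer and no (correct) answer yet: pose the challenge, reveal nothing.
    return {"step": "challenge", "question": acct.question}

# Constructed sample account for demonstration.
ACCOUNTS = {"alice": Account("img-7f3a", "Name of your first pet?", "Rex")}
```

The customer is expected to enter the password only after seeing the image they registered; a site that cannot show it has not proven it holds what the customer left in the bank's trust.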
But does that totally eliminate "phishing" or does it simply reduce it to some very acceptable levels?
First of all, it is clear that these techniques will reduce "phishing" appreciably. Since the bank has something you've left in its trust (the digital image), the "phisher" cannot "phish" for you unless the "phisher" knows what you've left in the bank's trust, i.e. the image. (So, even after the challenge question is answered, you should expect to see the image you left in the Bank's trust.) Now, to "phish," the "phisher" will not only have to "phish" for you but it also needs to break the security of the connection you have with the bank or masquerade as the bank during your picture registration. The problem for the "phisher" becomes rather complex, but have we really eliminated all possibilities? (The answer, obviously, is negative, but that depends, at least theoretically speaking, on an application of temporal logic, and we don't really want to get into that right now.)
Note that the sort of measure that Bank of America has taken is really the right way to fight this sort of "failure" or problem. The trouble is that, theoretically speaking, one must be prepared to change the technique continually over the long run. (The particular technique we just discussed above can be quite robust as a response.)
What does all this mean?
To really understand the associated problems, one needs to look at failure theory in distributed systems software. In other words, if we consider "phishing" as a failure, the theory of failure in systems becomes applicable.
A good reference on this failure view of cyber-hostility is Ken Birman's Building Secure and Reliable Network Applications. While we're on this topic, I should note that Ken has just released a new book.
One other point—as it becomes more and more complex to sign on for high-value on-line services (some are now using token cards to achieve what Bank of America is attempting to achieve with the trusted image technique), isn't it time for us to think even more seriously about single-sign-on to networks? Or does it become necessary to carry many token cards in hand, as we carry credit cards, building badges, driver's licenses and other identity tokens in our wallets and purses?