ING Direct rolls out client-based fraud prevention system

Software "assumes" end user machine is infected with malware

Tackling fraud is vital to ING Group's reputation

ING Direct is launching a new fraud prevention system that will allow US customers to safely bank online even if their computer is infected with malware.

The software will sit on end users' desktops and create a "secure tunnel" between them and the bank's servers.

Online banking security is vital to the businesses success, said Rob Weaver, head of IT security at ING Direct USA.

"As a direct bank with no branches, our primary channel for customer interaction is the internet," he said. "Consumer confidence in the safety of this channel is critical for our business."

The software will be available on ING Direct's web site as a free download.

It protects and SSL encrypts information on the desktop, and confirms the destination location before dispatching it.

The move is designed to protect against a rise in banking Trojans that can infiltrate machines and hide themselves from desktop AV systems.

"The software supports safe surfing by identifying potentially dangerous consumer behaviour rather than specific technical attacks," said Weaver.

Three different tests for the bank by the software supplier, Trusteer, found that traditional AV solutions can only detect and track between 20 and 30 per cent of malware – and malware is increasingly being hosted on legitimate web sites.

The success of two factor authentication used by banks to protect against phishing has seen a significant reduction in the success of these scams.

In the UK alone, losses decreased by a third from £33.5m in 2006 to £22.6m in 2007 as customers and banks became more vigilant against phishing.

But this has meant attackers have developed more complex Trojans targeted at specific types of banking customers – which the new system will protect against.

Guarding against these attacks will become increasingly important for banks keen to protect their reputation, said Weaver.

"Online security is gaining influence in the consumer buying decision as tales of fraud and identity theft are more publicised," he said.