2010 R&D 100 Winner
Nearly 90% of identity attacks online are targeted at the financial services sector. The Zone Trusted Information Channel (ZTIC) from IBM Research—Zurich (BlueZ Business Computing team), Rueschlikon, Switzerland, is designed to combat online identity theft in the financial sector. The ZTIC plugs into any computer to create a direct, secure channel to a bank, bypassing the virus-prone personal computer.
The ZTIC consists of a USB device with an internal processor and an LCD that connects with a pre-configured banking Web site. After starting the proxy, the user opens a Web browser to establish a connection with the Web site. The session is protected by keys maintained only on the ZTIC. The secure second channel prevents “man-in-the-middle” attacks and malware from manipulating a transaction.
The USB device adds an extra level of security to the existing authentication solutions provided by smart card, PIN, or one-time validation code. Critical transaction information, such as target account numbers, is automatically detected in the data stream between browser and ZTIC and is then displayed on the ZTIC for user confirmation. Only after pressing the "OK" button does the secure connection continue.
Technology
Secure banking hardware device
Developers
IBM Research - Zurich (BlueZ Business Computing)
Development Team
The IBM Zone Trusted Information Channel Development Team from IBM Research - Zurich (BlueZ Business Computing):
Michael Baentsch
Peter Buhler
Francois Dolivo
Douglas Dykemann
Reto Hermann
Frank Hoering
Michael Kuyper
Diego Alejandro Ortiz-Yepes
Michael Osborne
Hansruedi Steinauer
Thomas Weigold
