Verdasys Says it Has A Better Way to Protect Web Transactions Against Malware
(Page 2 of 2)
all communications with the protected site. Says Ledingham, “We immediately encrypt all input from the keyboard, bypassing other points of vulnerability in Windows.”
Ledingham says that since only the originating company’s Web servers have the keys needed to decrypt the data, the SiteTrust technology protects against all sorts of attacks, including keyloggers, unauthorized screen captures, code injection attacks, so-called “man in the browser” and “man in the middle” attacks, and phishing and website spoofing. In studies funded by Verdasys, two independent security consulting firms found that this approach was “100 percent effective against all known malware threats,” in the words of a company statement.
The SiteTrust concept is similar in spirit to an idea developed by Liquid Machines, another Waltham company whose “application injection” technology takes over word-processing programs, e-mail software, and the like, automatically encrypting digital documents and then decrypting them only for authorized users. But Liquid Machines’ system is designed for use within big enterprises and their business partners, whereas SiteTrust extends data protection to all of a company’s Web customers.
One of the top three online brokerage firms—Verdasys can’t yet divulge which one, though it says the firm has 6.3 million customers—has signed up as the first SiteTrust licensee. The firm won’t force its customers to download the SiteTrust software in order to keep accessing their online accounts, but it will probably offer them incentives to drive adoption, Ledingham says.
While SiteTrust marks the first time that the company will be putting software on consumers’ machines, conceiving the service wasn’t a huge leap. “The reality is that a lot of enterprise machines are compromised as well by malware, and a lot of our customers were seeing the anti-virus products decline in efficacy, so we were already having to develop this technology to protect data within the enterprise,” Ledingham says. “It was a logical extension to monetize that by selling it to companies who want to protect their consumer base.”
Trending on Xconomy
By posting a comment, you agree to our terms and conditions.