Feeds

Australian banks start replacing RSA tokens

Singing from the same song-sheet

Securing Web Applications Made Simple and Scalable

The ongoing fallout in Australia from the RSA security hack continues, with both Westpac and ANZ Bank announcing they will replace customers’ tokens. Another of Australia’s “big four”, the Commonwealth Bank, is yet to decide its course of action, while there’s been no word yet from the National Australia Bank.

Westpac has not revealed how many tokens will have to be replaced, but ANZ’s user base is reported to be around 50,000.

Australia’s banks haven’t rushed to discuss the issue in public. It would appear that their hands have been forced by attacks on defense contractors that have become public in recent weeks, which are eroding confidence in the system.

Nearly every public statement from Australia’s banks has included a bromide about “multi-layered security”, suggesting either a startling lack of originality, or a boilerplate written by RSA. Here are some samples:

“One part of a multi-layered security process” – the Commonwealth Bank.

“The bank … protects customers through a multi-layered security approach” – Westpac.

“One layer of multi-layered security measures” – ANZ Bank.

Given RSA’s original reluctance to discuss the risks involved in the original security breach in March, followed by security breaches at Lockheed Martin and others, culminating in RSA’s belated offer to replace the tokens, the bankers had better hope their reassuring statements don’t fall apart in the face of events. ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.