There seems to be no online banking security regimen that's completely impervious to penetration by fraudsters, with attacks on business accounts and ACH fraud the latest vector to fall prey to massive compromise. IBM's ZTIC (Zone Trusted Information Channel) hardware security device offers respite from the type of man-in-the-middle and man-in-the-browser attacks that are currently plaguing business banking accounts.
The ZTIC plugs into a computer's USB port, requiring no driver installation. When the user opens a Web browser to connect to online banking, ZTIC creates a pass-through proxy connection to the bank's pre-configured Website. From this point on, any data sent by the user to the bank passes through the ZTIC and is displayed on its small screen. Users are prompted to "OK" or "Cancel" transactions by pressing a button on the ZTIC. The SSL session is protected because the keys are maintained on the ZTIC, rendering any PC malware ineffective.