Stonebridge Bank of West Chester, Pa., has agreed to use new software from Armored Online, a security application company formed last year, that encrypts communications between banks and their customers.
The software features a dedicated message center for sending and receiving notices, as well as a secure, dedicated browser customers can use to access a bank's Web site.
With this software, "we bypass all the phishing and man-in-the-middle types of attacks," George Rapp, Stonebridge's chief technology officer, said last week.
The software, which his bank plans to start using this year, resides on a customer's computer. An icon flashes on the desktop when the customer receives a message from the bank.
This method bypasses e-mail as a communicati on tool; Armored Online discourages its financial clients from using e-mail to reach customers.
Users can also launch a secure browser that connects only to the bank customer's Web site.
The dedicated browser can block "man in the middle attacks," in which a hacker piggybacks on a normal online banking session.
Joe Sowerby, Armored Online's chief executive, said that using his software means that "at no time does anything go over the wire unencrypted."
The browser component also is much less permissive than most Web browsers, he said. "It does not accept persistent cookies," which keep records of users' settings.
"It does not accept plug-ins. There is no access to do the type of things … [hackers] do through a browser."
The software also allows customers to interact only with the site of the bank that offers it.
