Online thieves might be sophisticated enough to go after online banking customers that use just an account number, PIN or password to transact business over the Web. However, it's not the individual that poses the most tempting target.
"Is the hacker going to come after me, or the server of the bank and get yours, mine and the other 10,000 account members?" asked Cynthia Provin, president of THALES e-Security for the Americas, based in Sunrise, Fla.
It's certainly more difficult to crack into a bank's server, but once there, a data thief could find the biggest trove of valuable information. "That's where the information is the most vulnerable," said Provin.
As part of its WebPIN online transaction solution, THALES provides a hardware-based host security module that addresses this potential vulnerability. "Of course banks have firewalls, but it's been proven time and time again that the people who really want that information are professional criminals, and can get through a firewall and passwords and things of that sort," said Provin.
So if you can't keep the thieves out of the house, at least prevent them from finding the jewelry. That's what encryption does - it makes the jewelry box indistinguishable from the cereal box.
But even with password-protected access to a Web server, there are ways to break through encryption. That's the main benefit of hardware-based encryption. "If you do encryption in software, it's on the server--and that's a vulnerability," said Previn. "If someone were to break into the Web server, they're never going to be able to find the key to unlock that encryption."