Safe Transactions with Infected PCs

Continued from page 1

When the user types in the URL of a protected site, Ledingham says, SiteTrust steps in. Without changing the appearance of the user's screen, SiteTrust separates the secure transaction from whatever else might be going on in the browser by running a fresh version of the browser code as its own "process." (A process is the series of commands that the computer executes to run a program, and modern computers can run dozens of them at once.) SiteTrust then monitors this process to make sure that no other program tries to interfere with it. As the user interacts with the site, SiteTrust bypasses many of the vulnerabilities of the operating system, instead taking information from the user's keyboard, encrypting it immediately, and sending it to the website. SiteTrust currently runs on Windows machines and works with the Internet Explorer and Firefox browsers, but Ledingham says that the company is working on Linux, Mac, and Safari versions.

SiteTrust is a new application of the technology behind Verdasys's existing product, the Digital Guardian, which is meant to protect businesses against internal theft. The Digital Guardian also uses a rootkit, installed on every computer in an organization, that watches what users do with sensitive information and flags suspicious behavior. Ledingham notes that, although rootkits have caused controversy in the past, particularly when they were installed without users' knowledge, Verdasys has years of experience designing them so that they don't interfere with a computer's normal use. SiteTrust, Ledingham says, includes an uninstall option so that users can completely remove it if they choose, and it doesn't send any background information about the user to the protected site.

Turner says that he appreciates Verdasys's approach with SiteTrust--in particular, the way that the company has planned for the inevitability of online criminals' targeting the tool itself, lining up improvements to make that more difficult. He adds that the company's distribution model is important to getting SiteTrust to consumers. "People aren't aware that they need this level of protection on their own PC," Turner says. Customers aren't likely to look for additional protection unless encouraged to do so by financial institutions that they trust. Turner also notes that receiving the tool from a trusted institution should help counter consumers' general worries about rootkits.

SiteTrust is launching to six million customers of an undisclosed online broker in the near future. The company plans to make additional deals to protect other websites.