By Elliott Holley

Commerzbank has adopted a visual transaction signing tool from UK security firm Cronto for its online banking customers, designed to protect against Trojan malware.

The CrontoSign technology has been deplyed under the photoTAN brand, replacing the iTAN security solution where a unique number is used to authorise each banking transaction. With photoTAN, users will be able to verify payments with a mobile app or a standalone device using a unique authorisation code (TAN) to sign the transaction. Cronto and Commerzbank have been collaborating since 2008.

“We have worked closely with Commerzbank who helped to develop the CrontoSign visiual transaction signing technology from innovative ideas to the product ready to serve the needs of millions of banking customers,” said Igor Drokov, chief executive at Cronto.

In January, telecoms research firm Juniper Research predicted that uptake of mobile banking services would reach one billion by 2017. However, several recent incidents involving financial crimes perpetrated using mobile banking technology have threatened to undermine confidence in the industry.  In November 2012, the so-called ‘Eurograbber’ attack used malware to target the PCs and mobile handsets of users, carrying out automatic transfers that varied from €500 to €250,000, according to research by security vendors Check Point and Versafe.

The malware included a bot attack known as the Zeus Trojan or Zitmo, which infected computers and mobile devices and enabled the hackers to intercept and steal the SMS messages sent by banks to their customers.

“PhotoTAN meets the highest demands for security in online and mobile banking,” added Martin Zielke, member of the Commerzbank board of managing directors, responsible for business segment private customers at Commerzbank.