Vasco card reader gets bigger screen to combat social engineering

Users enter and see more information on the card reader instead of on the keyboard and computer screen

By displaying more information on the screen of the new Digipass 870 card reader about transactions the device is used to secure, Vasco Data Security hopes to decrease the effectiveness of social engineering.

In their battle with hackers, banks have been increasingly willing to invest in more advanced authentication products.

"There is more of a sense of urgency now than in the past. Hackers have moved from attacking the technical side to instead focus more on social engineering," said Niels Decraene, regional sales manager at Vasco.

Social engineering is all about misleading users and getting them to enter information on a website they shouldn't. The key to getting around this is to let the user enter and see as much information as possible on the screen of the card reader instead of on the more vulnerable computer screen.

For example, PIN codes are directly entered on the reader and not on the computer keyboard. Therefore, they are never exposed over the Internet or the PC. Important transaction information such as amount, account and reference number is displayed on the device and must be confirmed by the user by entering a PIN code to approve the transaction.

To allow users to see more information, the Digipass 870 has a screen that fits up to six lines of information. That compares to the two-line LCD screen on its predecessor, the Digipass 855. The screen also has a better resolution.

The card reader can be used in both unconnected and connected modes. The latter means the device is connected to the Internet via PC using a USB cable. That allows the device to not only be used for authentication, but also as a secure communication channel.

"Banks increasingly prefer to use the connected mode, because it allows for more advanced functionality, including the secure communication," Decraene said.

Two European banks, one for corporate and one for retail use, have signed on to use the Digipass 870. The first will start using it during the third quarter, according to Decraene. The company doesn't want to specify what it costs, but it is a high-end card reader, he said.

Send news tips and comments to

Join the CSO newsletter!

Error: Please check your email address.

Tags cebitsecurityAccess control and authenticationVasco

More about VascoVasco Data Security

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Mikael Ricknäs

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts