Customers won't be allowed to use 'Autocomplete' anymore…
By Andy McCue
Published: 9 November 2004 13:33 GMT
Morgan Stanley has moved to close a security loophole that could potentially have compromised the passwords of some customers using its online credit card service.
The problem centred on a password-saving feature in Microsoft Windows, which allows users to save login and password details so they are automatically filled in by their PC when prompted for the information.
Most financial services websites have their online services set up - in accordance with APACS guidelines - so that their customers can't use this 'Autocomplete' feature to gain access to their accounts and prompting them to enter their password manually each time.
But Morgan Stanley has allowed customers to access their online credit card accounts using Autocomplete since the service was set up in 1999, meaning that customers using a shared PC were potentially leaving their password and account to be accessed by anyone else using that machine.
A spokeswoman for Morgan Stanley confirmed the loophole was quickly closed by IT staff as soon as it was alerted to the problem yesterday by the BBC. She said the company will also be notifying customers of the change.
Just last week online bank Cahoot was the subject of a security scareafter a routine upgrade of the bank's software resulted in a flaw that allowed users to move between other people's accounts by bookmarking sections of the site. Cahoot took the site down for 10 hours while it fixed the problem.
Ideally from a Bank/Credit Card company background with superb management experience.Necessary experience:-SAS-Scorecard ...
Experience and knowledge of the Credit Card industry. CUSTOMER IMPACT STATEMENT The Technology Division has a Contract role for a Senior Business ...
My client is a large financial organisation and they're looking for an experienced Business Analyst to work on part of their Banking Transformation ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Is Your Enterprise Architected for Tomorrow's Growth?
Improving IT service delivery through an integrated approach to software asset management...
TechRepublic Resource Guide: Software as a Service (SaaS) for Small and Midsize Businesses...
Download a Free Trial of SmartDraw: Learn why SmartDraw is the ideal alternative...
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy