Intuit is to add security mechanisms to the German version of its Quicken personal finance package after a German-based hacker organisation, the Chaos Computer Club, used a rogue Active X control to undertake an illegal funds transfer with the application.
The firm has included encoded data files, which restrict funds transfer to pre-authorised accounts only, in the US version of its offering since October last year, but will not include similar functionality in UK or German versions until later this year.
Jacqueline Maartense, Intuit?s UK managing director, said: "Online banking doesn?t exist yet in the UK apart from a couple of pilot sites, but when it does we?ll take precautions. Currently, if a bank wants to export data into Quicken, it can do so via the Quif file format specification. That takes some manual work, but it will be some time in 1997 before we can transfer funds here."
She added that the problem with the ActiveX control was not unique to Quicken and could happen with virtually any package based on Active X. Her company took security issues very seriously.
Other security mechanisms included in US products are RSA and DSA encryption and the use of a personal identification number to verify transactions before they are sent to ensure that unauthorised transactions are not accepted by the bank.
Intuit also plans to support the Open Exchange Web standard on how to execute transactions in the next release of Quicken.
The Chaos Computer Club has apologised to Intuit for using its package and admitted that the illegal funds transfer, shown on German TV, was only a stunt.
Intel's neural network USB stick could bring AI to the masses
Dubbed Barnard's star B, newly discovered planet is believed to be rocky
Also, what's a USB stick?
Gravitational waves become extremely weak by the time they reach the Earth and require highly sensitive equipment for detection