It seems that IBM is working on the issue of securing online banking. This article describes a device that will setup a secure connection with a bank’s server. The interesting thing to note is that the device does not protect against man-in-the-middle attacks or Trojan programs on the customer’s computer. Instead, it is supposed to make all the transactions visible so that the user can look for fraudulent activities during the session. This relies on customer knowledge and vigilance, which is an obvious weak point.
IBM ‘security on a stick’ protects online bank customers – Network World
IBM researchers have come up with a small device they like to call “security on a stick” for use in online banking so customers plugging into any computer can protect transactions and find out if Trojan malware is trying to steal funds.
…
“It doesn’t prevent a man-in-the-middle attack on the PC, but it makes them visible,” Baentsch says. So after logging on,
if a banking customer intended to complete a certain transaction but saw that inexplicably there was different information
about to be transferred — perhaps through a trick of a Trojan on the machine — that action could be stopped.