Some 550 million Chinese could be forced to update their anti-virus software and patch their Windows machines in order to use online banking.
The move – said to be the first security measure of its kind on such a scale – would see the country’s third largest payments provider, Alipay, use Microsoft's back-end systems to determine whether software on customers' Windows machines were up to date.
It would scan the computers to ascertain if important patches were applied, anti-virus signatures up-to-date and firewalls in use.
Users who failed the test would be issued with a notice warning for their lax security state. It was unclear if customers would be prevented from banking online or have transactions restricted if they failed the test.
Alipay could be issuing plenty of notices given the large number of counterfeit Windows installations in China, some of which could not be patched. Last year, Microsoft chief executive Steve Ballmer said 90 percent of Microsoft products used in the country were counterfeit.
The move could be a forerunner to the way western banks approach customer security, Microsoft’s chief security strategist Scott Charney told SC.
“Some banks are already refusing to allow users to use older web browsers like IE (Internet Explorer) 6,” Charney said. “It gives an idea into how they are thinking."
Banks would have increased capability to regulate the security posture of their customers under Windows 8 according to Charney, allowing them to tap into boot security technologies including early-launch anti-malware.
On the mobile front, fraud experts within the finance sector had previously called for jailbroken devices to be banned from accessing bank services.
Jailbroken devices expose root directories and activate a string of services, such as remote access, which are not normally available. This made phones easier to attack particularly if users neglected to change the default root passwords.
Darren Pauli travelled to Redmond as a guest of Microsoft.
Copyright © SC Magazine, Australia
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.