Galexia
             home
       about us
        services
        projects
       research
          contact
» home » research » assets » eft review  

Subscribe to Galexia news and announcements.
More information »

Galexia's specialist management consulting services: Galexia has expert consultants in privacy, authentication, electronic commerce and new technology. We leverage our legal, business and technical knowledge to deliver successful business strategies to a diverse range of clients. Find out more »

[Data protection regulations and international data flows: Implications for trade and development (April 2016)]

Data protection regulations and international data flows: Implications for trade and development (2016)
Find out more »

Submission - Joint submission to the 2007 Review of the Electronic Funds Transfer (EFT) Code of Conduct to ASIC (May 2007)

[« previous] [next »] [up] [title page] [full contents]

Petname

Petname is a web browser user interface widget that sits in the browser’s toolbar in clear view of the user at all times. The onus to provide parameters for proper authentication of a website is placed on the user by way of notes reminding the user of the relationship they have with a particular site.

The Petname widget displays this reminder note in every instance that the website is accessed by the user, allowing them to quickly determine the authenticity of a site they are visiting. The key advantage of such a solution is that the visited website has no way of determining the reminder note that the user has set using the widget. This differentiates the Petname widget from other tools which operate inside of the browser chrome. In this way, the user can be certain that the messages appearing in the Petname widget are created solely by the user and have not been altered by an external source.

This approach of detecting a spoofed website reveals shortcomings in current trends in web browser user interface design. In accessing a spoofed website, the information presented to the user is all provided by the attacker: the web page; the URL; the SSL certificate (if any).[54] Allowing the user to set reminder notes regarding their relationship with a website provides an opportunity to enhance the ability of a web browser’s user interface to assist with the authentication of websites by incorporating an element into the interface that is user-derived.

[54] Close T, Petname Tool: Enabling website recognition using the existing SSL infrastructure, W3C Workshop on Transparency and Usability of Web Authentication, March 2006, <http://www.w3.org/2005/Security/usability-ws/papers/02-hp-petname/>.

[« previous] [next »] [up] [title page] [full contents]

[view all] [download PDF version]

[up to research]

 

Search for:

HERE

PrintVersionprint this page

Sitemapsitemap

Subcribe to RSS newsrss news feed

Manage email subscriptionsmanage email subscriptions

Latest News

September 2019
Register of Public Galexia PIAs. Read more »

September 2019
Updates to Galexia Website. Read more »

September 2019
PM&C / Office of the National Data Commissioner (ONDC) releases Discussion Paper and accepts recommendations from Galexia’s PIA on the proposed Data Sharing and Release legislative framework. Read more »

August 2019
Galexia providing privacy advice and an independent public Privacy Impact Assessment (PIA) on 2021 Census for ABS. Read more »

June 2019
Galexia completes privacy advice and an independent Privacy Impact Assessment (PIA) on the Naval Shipbuilding College Workforce Register. Read more »

view all news items »

[Home] [Sitemap] [Print this page] [Privacy statement]

© Galexia Pty Ltd
Telephone: +61 (02) 9660 1111
Email: [email protected]