Saturday, September 09, 2006

Yahoo Sign-In Seal

<< Thoughts on New Technology >>

Yahoo is the first major web portal to push into the realm of Sign-In Seal, a security service to prevent surfers from landing on fake look-alikes of yahoo websites.

The idea is to associate a Yahoo sign-in seal with an individual computer. The seal is chosen by the subscriber, which can be text, color or image of his liking. This seal will be shown each time the user goes to a log-in page for a yahoo service. This helps the user verify if he is on a legitimate yahoo page.

The service has not yet been officially announced and has been rolled out to customers on a random basis.

This is very similar to sign-in seal that Bank Of America and IngDirect already use. But these are associated to the person's id instead of the computer itself.


I like the Bank Of America model better than the yahoo one. Since the seal is associated with a computer, someone else using the machine can change it without your knowledge and deletion of files and cookies affects it as well. In the Bank Of America model, the only fear is of giving away your user Id.

When I tried using the service, I had to associate a Sign-In Seal for each browser I was using. One for IE7, One for FireFox Beta 2 and One for Opera 9. The image did not propagate to all my browsers. I am not sure if this is intended behavior or may be I was missing something.

But this is definitely a huge step forward to prevent surfers from phishing attacks. Lets' see if others like google, hotmail embrace similar technology.

No comments: