Yahoo Adds Anti-Phishing Sign-In Seal

The seal is associated with the person's computer instead of an ID and password. That's because Yahoo believes it's better to show subscribers they're visiting a legitimate page before entering any personal information.

Antone Gonsalves, Contributor

August 22, 2006

2 Min Read
InformationWeek logo in a gray background | InformationWeek

Yahoo Inc. on Tuesday said it's testing a sign-in seal that ensures subscribers they're visiting the Web portal and not a bogus site set-up by a phisher to steal personal information.

The security feature is being offered to a "fraction" of subscribers chosen at random, a Yahoo spokeswoman said. The service is expected to be rolled out gradually, and to become generally available in the "coming weeks."

The sign-in seal, which is created by the subscriber, is shown each time the user goes to a log-in page for a Yahoo service, whether it's email, the personalized homepage or music. The seal is associated with the person's computer, instead of an ID and password, because Yahoo believed it was better to show subscribers they're visiting a legitimate page before entering any personal information, the spokeswoman said.

Sign-in seals are being adopted by financial institutions as an anti-phishing measure for online banking. Bank of America, for example, uses the mechanism, but associates it with a person's ID and password.

In creating a Yahoo sign-in seal, subscribers have the option of creating a unique message, such as a street address, or uploading an image. Users also can choose a sign-in seal color.

Web portals, which also offer online shopping and other e-commerce services, have made security a focus to ease consumer concerns. In a study released last year, the Pew Internet & American Life Project found that 9 in 10 U.S. consumers had made at least one change in their online behavior because out of fear of spyware, viruses and other Internet threats.

For example, more than 80 percent of the 2,000 adults surveyed said they had stopped opening email attachments unless they were sure the documents were safe, and nearly half no longer visited Web sites that they feared might deliver unwanted programs.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights