Mideast edition, Friday, May 18, 2007

ARLINGTON, Va. — MyPay users now will have an extra layer of security to protect their personal information.

The site, operated by the Defense Finance and Accounting Service, allows servicemembers and Defense Department civilians to check their finances online.

MyPay now features a “virtual keyboard” that requires Internet users to enter their personal identification number without typing on their actual keyboard, a DFAS news release says.

“To enhance security, the keyboard layout changes or keys are displayed randomly every time the page is refreshed,” said Defense Department spokesman Lt. Col. Brian Maka.

The new security measure is intended to protect myPay users from malicious keylogging viruses, Maka wrote in a Thursday e-mail to Stars and Stripes.

“Keylogging viruses attempt to obtain personal information by intercepting information when it is typed on the users’ computer keyboard,” Maka said.

In March, a DFAS official told Stars and Stripes that about two dozen myPay users had their personal information stolen over the previous eight months.

Initial findings showed that neither myPay nor the myPay database had been hacked; rather, the information had been stolen from the users’ computers, probably from spyware.

“The incidents are still under investigation by the DCIS (Defense Criminal Investigative Service), but the problems discovered so far are due either to the user failing to protect their account number and PIN or via key logging,” Maka said.

Other systems that DFAS uses to protect myPay users’ personal information include encryption and firewalls, Maka said.

“We proactively look for and implement new security features on a routine basis to protect our customers against identity theft and scams,” he said.

Sign Up for Daily Headlines

Sign-up to receive a daily email of today’s top military news stories from Stars and Stripes and top news outlets from around the world.

Sign up