Wednesday, October 19, 2005
New mechanisms for online banking security
There's talk this week of a new gizmo that increases security for online banking sites, requiring users to enter a one-time key generated by a key-fob device. Great, sounds like fun. Something else to leave at the office, on the sofa, in the dog's basket etc. Seriously, anything that increases security can only be a good thing, but I'm not so worried about my bank knowing I am who I say I am, I'm more worried about knowing that my bank is who they say they are. I can see an obvious extension to the key-fob device that will help reduce phishing attempts: why not have the bank's web site give a code back to you that you put into the keyfob, and you get to find out whether the site is genuine or not? Phishing is a major concern these days, and so far I haven't seen any real action on the part of the banks other than to warn customers about it.
There's talk this week of a new gizmo that increases security for online banking sites, requiring users to enter a one-time key generated by a key-fob device. Great, sounds like fun. Something else to leave at the office, on the sofa, in the dog's basket etc. Seriously, anything that increases security can only be a good thing, but I'm not so worried about my bank knowing I am who I say I am, I'm more worried about knowing that my bank is who they say they are. I can see an obvious extension to the key-fob device that will help reduce phishing attempts: why not have the bank's web site give a code back to you that you put into the keyfob, and you get to find out whether the site is genuine or not? Phishing is a major concern these days, and so far I haven't seen any real action on the part of the banks other than to warn customers about it.
Comments:
Post a Comment
(c) 2003-2005 Russell Beale
Atom
RSS