[access-uk] Re: Chip and pin online banking.

Kev,

I'd say the key fob and/or keypad swipe things, are probably because, "it's 
something you have", (part of one multi factor security spec).

I wonder if they had a really good security team on this?  if they did the 
software could be considered more insecure than the hardware/software combo? 
The software only approach, can be more vunrable to middle man attacks than 
a hardware combo.

I'm being a bit anal there because it's more about prevention than total 
lock down with this layered approach to security...

Dj paddy
Ôà
----- Original Message ----- 
From: "Kevin Lloyd" <kevin.lloyd3@xxxxxxxxxxxxxx>
To: <access-uk@xxxxxxxxxxxxx>
Sent: Saturday, May 19, 2007 7:32 PM
Subject: [access-uk] Re: Chip and pin online banking.


Hi DJ.

Yes, it's a one shot deal so no fear from key loggers at all.  Can't
understand why the banks wouldn't have looked at this first before going to
the expense of producing and distributing hardware fobs.

I'll take a look at the software providers web site when I get chance and
post further details for anyone that may be interested or intending to talk
to their banks.

It's ok saying that you can switch banks but if you have other issues with
banks such as offshore call centres, extortionate fees, poor customer
service and maybe based in countries with a lousy human rights record then
you're not going to want to switch to them and, as already stated, we
shouldn't have to suffer a lesser product or service when there are
perfectly accessible and probably cheaper alternatives.

Regards.

Kevin
E-mail: kevin.lloyd3@xxxxxxxxxxxxxx
----- Original Message ----- 
From: "Dj Paddy" <mygroups@xxxxxxxxxxxxx>
To: <access-uk@xxxxxxxxxxxxx>
Sent: Saturday, May 19, 2007 4:10 PM
Subject: [access-uk] Re: Chip and pin online banking.


> Finger print recognition is tied in with bio-metric authentication, and
> because it's an extra step is classed as a multi factor authentication.
>
> I think the software solution, Kev is currently using sounds grand.
>
> Kev, any ideas on how it works?
>
> Could key loggers compromise it or is it a one shot deal with the
> generated
> number?
>
> Dj paddy
>
> ----- Original Message
>
> ----- 
> From: "Derek Hornby" <derek.hornby_uk@xxxxxxxxxxxxxxx>
> To: <access-uk@xxxxxxxxxxxxx>
> Sent: Saturday, May 19, 2007 2:56 PM
> Subject: [access-uk] Re: Chip and pin online banking.
>
>
> Barry says
> "They will use multi factor authentication though eventually."
>
> I was wondering couldn't they use  fingerprint?
> If our  fingerprint was  registered to our  accounts,  and if we could
> send the finger print  down the ine,  then  no way  could it
> be  someone else!
> Regards,
> Derek
>
> e-mail: derek.hornby_uk@xxxxxxxxxxxxxxx
>
> ** To leave the list, click on the immediately-following link:-
> ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
> ** If this link doesn't work then send a message to:
> ** access-uk-request@xxxxxxxxxxxxx
> ** and in the Subject line type
> ** unsubscribe
> ** For other list commands such as vacation mode, click on the
> ** immediately-following link:-
> ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
> ** or send a message, to
> ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
>
>
> __________ NOD32 2277 (20070518) Information __________
>
> This message was checked by NOD32 antivirus system.
> http://www.eset.com
>
>
> ** To leave the list, click on the immediately-following link:-
> ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
> ** If this link doesn't work then send a message to:
> ** access-uk-request@xxxxxxxxxxxxx
> ** and in the Subject line type
> ** unsubscribe
> ** For other list commands such as vacation mode, click on the
> ** immediately-following link:-
> ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
> ** or send a message, to
> ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
>

** To leave the list, click on the immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** access-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq


__________ NOD32 2277 (20070518) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com


** To leave the list, click on the immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** access-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq

Other related posts: