hi all, i suppose the other consideration would be reliability. i've been in shops a couple of times were their C and P machine is on the blink and it's taken a day or 4 for it to be replaced. now if these at home versions go wrong, do we have any time scale from the banks planning to use them for replacements to be issued? if they become a requirement, then you could end up being sort of cut off until the banks get a replacement out to you. or am i missing something here? *smile* kevin - (lord l) "Civilization exists by geological consent, subject to change without notice"-Will Durant contact me: email/msn: kream@xxxxxxxxxxxx skype: lordandladyl ----- Original Message ----- From: "Dj Paddy" <mygroups@xxxxxxxxxxxxx> To: <access-uk@xxxxxxxxxxxxx> Sent: Saturday, May 19, 2007 8:29 PM Subject: [access-uk] Re: Chip and pin online banking. Kev, I'd say the key fob and/or keypad swipe things, are probably because, "it's something you have", (part of one multi factor security spec). I wonder if they had a really good security team on this? if they did the software could be considered more insecure than the hardware/software combo? The software only approach, can be more vunrable to middle man attacks than a hardware combo. I'm being a bit anal there because it's more about prevention than total lock down with this layered approach to security... Dj paddy Ôà ----- Original Message ----- From: "Kevin Lloyd" <kevin.lloyd3@xxxxxxxxxxxxxx> To: <access-uk@xxxxxxxxxxxxx> Sent: Saturday, May 19, 2007 7:32 PM Subject: [access-uk] Re: Chip and pin online banking. Hi DJ. Yes, it's a one shot deal so no fear from key loggers at all. Can't understand why the banks wouldn't have looked at this first before going to the expense of producing and distributing hardware fobs. I'll take a look at the software providers web site when I get chance and post further details for anyone that may be interested or intending to talk to their banks. It's ok saying that you can switch banks but if you have other issues with banks such as offshore call centres, extortionate fees, poor customer service and maybe based in countries with a lousy human rights record then you're not going to want to switch to them and, as already stated, we shouldn't have to suffer a lesser product or service when there are perfectly accessible and probably cheaper alternatives. Regards. Kevin E-mail: kevin.lloyd3@xxxxxxxxxxxxxx ----- Original Message ----- From: "Dj Paddy" <mygroups@xxxxxxxxxxxxx> To: <access-uk@xxxxxxxxxxxxx> Sent: Saturday, May 19, 2007 4:10 PM Subject: [access-uk] Re: Chip and pin online banking. > Finger print recognition is tied in with bio-metric authentication, and > because it's an extra step is classed as a multi factor authentication. > > I think the software solution, Kev is currently using sounds grand. > > Kev, any ideas on how it works? > > Could key loggers compromise it or is it a one shot deal with the > generated > number? > > Dj paddy > > ----- Original Message > > ----- > From: "Derek Hornby" <derek.hornby_uk@xxxxxxxxxxxxxxx> > To: <access-uk@xxxxxxxxxxxxx> > Sent: Saturday, May 19, 2007 2:56 PM > Subject: [access-uk] Re: Chip and pin online banking. > > > Barry says > "They will use multi factor authentication though eventually." > > I was wondering couldn't they use fingerprint? > If our fingerprint was registered to our accounts, and if we could > send the finger print down the ine, then no way could it > be someone else! > Regards, > Derek > > e-mail: derek.hornby_uk@xxxxxxxxxxxxxxx > > ** To leave the list, click on the immediately-following link:- > ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] > ** If this link doesn't work then send a message to: > ** access-uk-request@xxxxxxxxxxxxx > ** and in the Subject line type > ** unsubscribe > ** For other list commands such as vacation mode, click on the > ** immediately-following link:- > ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq] > ** or send a message, to > ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq > > > __________ NOD32 2277 (20070518) Information __________ > > This message was checked by NOD32 antivirus system. > http://www.eset.com > > > ** To leave the list, click on the immediately-following link:- > ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] > ** If this link doesn't work then send a message to: > ** access-uk-request@xxxxxxxxxxxxx > ** and in the Subject line type > ** unsubscribe > ** For other list commands such as vacation mode, click on the > ** immediately-following link:- > ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq] > ** or send a message, to > ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq > ** To leave the list, click on the immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** access-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq __________ NOD32 2277 (20070518) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com ** To leave the list, click on the immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** access-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq ** To leave the list, click on the immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** access-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq