[access-uk] Re: Chip and pin online banking.
- From: "Kevin Lloyd" <kevin.lloyd3@xxxxxxxxxxxxxx>
- To: <access-uk@xxxxxxxxxxxxx>
- Date: Fri, 18 May 2007 15:26:03 +0100
There is an assumption that there has to be a hardware device involved here.
My sighted colleagues at work connect to the network remotely using exactly
this technology, a key fob that randomly generates a pin number every 60
seconds. However, I have a software equivalent that is just as secure.
Basically, the application requires a password to start and then asks for a
4 digit pin number. When the pin is entered, an algorithm is executed that
generates a 6 digit key that in someway is related to the initial pin
entered. This key is valid for 60 seconds before the next is generated. I
simply cut and paste the generated key into the network logon and job done.
A variation on this theme would seem a far cheaper way for banks to tackle
fraud allowing customers to download such an application from the bank's web
site and any future updates to maintain security and integrity.
Regards.
Kevin
E-mail: kevin.lloyd3@xxxxxxxxxxxxxx
----- Original Message -----
From: "Dj Paddy" <mygroups@xxxxxxxxxxxxx>
To: <access-uk@xxxxxxxxxxxxx>
Sent: Friday, May 18, 2007 1:38 PM
Subject: [access-uk] Re: Chip and pin online banking.
> The thing is if we have an opt out then we're not as secure as peers who
> can
> use the technology.
>
> Also if fraud where to occur on a persons account who was eligible to opt
> out would we be reimbursed?
>
> The key is to get the technology working and used by all. If the device,
> (whatever it may be), can be plugged in when prompted and communicate with
> the network unattended, I think this would be the better route than opting
> out.
>
> Dj paddy
> Ôà�
> ----- Original Message -----
> From: "Derek Hornby" <derek.hornby_uk@xxxxxxxxxxxxxxx>
> To: <access-uk@xxxxxxxxxxxxx>
> Sent: Friday, May 18, 2007 1:19 PM
> Subject: [access-uk] Re: Chip and pin online banking.
>
>
> Hi Martin
> You said:
> "natwest are doing the pin machine thing, which is a pest."
>
> Yes but isn't it possible that if a customer cannot use the new
> system simply on grounds of sight problems, the bank may allow an opt
> out.
> Remember even now, we are allowed to opt out from chip and PIN in the
> shops, and use chip and signature.
> Don't know why there is the opt out on chip and PIN in shops,
> when in fact sight isn't actually necessary to use chip and PIN in the
> shops.
>
>
> Regards,
> Derek
>
> e-mail: derek.hornby_uk@xxxxxxxxxxxxxxx
>
> ** To leave the list, click on the immediately-following link:-
> ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
> ** If this link doesn't work then send a message to:
> ** access-uk-request@xxxxxxxxxxxxx
> ** and in the Subject line type
> ** unsubscribe
> ** For other list commands such as vacation mode, click on the
> ** immediately-following link:-
> ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
> ** or send a message, to
> ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
>
>
> __________ NOD32 2276 (20070518) Information __________
>
> This message was checked by NOD32 antivirus system.
> http://www.eset.com
>
>
> ** To leave the list, click on the immediately-following link:-
> ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
> ** If this link doesn't work then send a message to:
> ** access-uk-request@xxxxxxxxxxxxx
> ** and in the Subject line type
> ** unsubscribe
> ** For other list commands such as vacation mode, click on the
> ** immediately-following link:-
> ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
> ** or send a message, to
> ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
>
** To leave the list, click on the immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** access-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
Other related posts:
