Friday, December 24, 2004

ID device for online security

CNet's reports that starting from early 2005 some banks are going to start issuing small ID devices that let users identify themselves when they log onto the bank's website.
The devices, which are handheld and small enough to attach to a keychain, are expected to cost customers roughly $10. They display a six-digit number that changes once a minute; people seeking access to their accounts would type in that number as well as a user name and password. The devices are freestanding; they do not plug into a computer.

The users can still be tricked into revealing their username, password and the number from the device via phishing. I dont see how this solution solves the ever growing problem of phishing. I guess, the banks decided to tackle the issue of password or account hijacking. But they need to consider other security compromise scenarios as well.

Comments: Post a Comment

<< Home

This page is powered by Blogger. Isn't yours?

Copyright Anand Jain 2004, 2005. All rights reserved.