Friday, December 24, 2004
ID device for online security
The devices, which are handheld and small enough to attach to a keychain, are expected to cost customers roughly $10. They display a six-digit number that changes once a minute; people seeking access to their accounts would type in that number as well as a user name and password. The devices are freestanding; they do not plug into a computer.
The users can still be tricked into revealing their username, password and the number from the device via phishing. I dont see how this solution solves the ever growing problem of phishing. I guess, the banks decided to tackle the issue of password or account hijacking. But they need to consider other security compromise scenarios as well.
Copyright Anand Jain 2004, 2005. All rights