Banks Test ID Device for Online Security
Anne & Lynn Wheeler
lynn at garlic.com
Thu Jan 6 08:52:30 EST 2005
oh, and this is old discussion of a unit that has been in use in europe
... it basically is very inexpensive calculator with 7816 contacts that
you can slip a smartcard into. it is used in a challenge/response
scenario, a numeric keypad is used to enter the challenge, which is
passed to the smartcard, which does something and the response is
displayed. the person enters the displayed response.
http://www.garlic.com/~lynn/2001g.html#57 Q: Internet banking
works with anything that can present a challenge and has a numeric
keypad for the response (even works over telephone with VRU).
note that in any online scenario ... the server-side can do security
proportional to risk by making a decision to ask or not ask for
additional inputs. possible scenario is bill pay in home banking, use
authentication for initial access and then if total transactions exceed
some value ... ask for additional authentication input (trading off
convenience and risk, in online scenario it doesn't need to be all just
one way or another way, there is some amount of latitude for adaptive
implementation).
Note that the additional authentication input can also be used for
interpreting the (human specific) input as evidence of approval for the
transaction(s) as opposed to simply authentication.
other pieces of the previous mentioned thread on security proportional
to risk:
http://www.garlic.com/~lynn/aepay7.htm#netbank net banking, is it safe??
... power to the consumer
http://www.garlic.com/~lynn/aepay7.htm#netbank2 net banking, is it
safe?? ... security proportional to risk
http://www.garlic.com/~lynn/2001g.html#57 Q: Internet banking
http://www.garlic.com/~lynn/2001h.html#53 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#58 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#61 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#62 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#64 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#68 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#70 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#75 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#9 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#10 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#16 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#25 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#35 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#36 Net banking, is it safe???
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list