the limits of crypto and authentication
Florian Weimer
fw at deneb.enyo.de
Sun Jul 10 06:12:53 EDT 2005
> Take a look at Boojum Mobile -- it is
> precisely the idea of using the cell
> phone as an out-of-band chanel for an
> in-band transaction.
>
> http://www.boojummobile.com
In the foreseeable future, this approach won't stop fraudulent
transactions because the one-time password does not depend on the
transaction content. Anything which doesn't display essential parts
of the transaction contents to the end user over a trusted channel is
doomed to failure.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list