funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: The end of Phishing in sight?

From: Chris Buechler <funsec () chrisbuechler com>
Date: Mon, 17 Oct 2005 16:22:24 -0400
Paul Schmehl wrote:
--On Monday, October 17, 2005 19:06:13 +0000 "Fergie (Paul Ferguson)" <fergdawg () netzero net> wrote:
In two-factor authentication, customers must confirm their identities not 
only through something they know, like a PIN or password, but also with
something they physically have, like a hardware token with numeric access 
codes that change every minute.
OK, I'll bite. Are the banks going to be forced to provide the readers? Or is online banking going to become a thing of the past?
the banks aren't forced to provide anything to the customer, just must require two-factor authentication. I'm sure whatever method the bank provides will have the associated hardware, any software, and any other requirements covered by the bank most of the time. The demand for online banking combined with competition ensures that this will almost certainly be the norm. The official FIL is here: http://www.fdic.gov/news/news/financial/2005/fil10305.html
To Valdis's "if said rules go through", there is no "if" - once there's a FIL, it's a done deal. The FDIC calls it "guidance", but that's misleading at best (they're mandates). "Guidance" on how to avoid getting your doors shut by the FDIC, I guess. ;) 
cheers,
-chris
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: