Irregular Expressions

Jan 24 2012   12:46AM GMT

Protecting online banking – Part 4

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

I just want to wrap up my thoughts on this.  This is not going to stop every type of attack, there are a few ways to get around this type of authentication method.  The first one that comes to mind is using the authenticated session that the user has created for you already and not waiting to try and log in later.  While saying that, something is better then nothing.  This may not work against a determined targeted attack but at least you wont be low hanging fruit.

I tried to find a few FI’s that I could point you to that had OTP listed as a two factor method, but I just turned up a bunch of old white papers.  I did find mention of FI’s in Germany that used paper for the OTP and various ones using SMS.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: