Slashdot Mirror

← Back to Stories (view on slashdot.org)

Banks Begin To Use RSA Keys

Posted by timothy on from the probably-a-patent-on-this-too dept.

jnguy writes "According to the New York Times (free bacon required), banks are begining to look into using RSA keys for security. AOL has already begun offering its customers RSA keys at a premium price. Is this the future of security, and is it secure enough? How long before everyone needs to carry around 5 different RSA keys just to perform daily task?"

5 of 208 comments (clear)

  1. Article not about "RSA Keys" -- Hardware tokens by Steven+Reddie · · Score: 5, Informative

    The article is really talking about using hardware tokens for extra security since the private data is stored on an external token and can't be stolen by viruses, trojans, or phishing scams. I don't even see RSA mentioned in the article -- there is an inset picture of an RSA SecurID but that's as close as it gets.

  2. This is news? by Nehle · · Score: 5, Informative

    My bank (SEB, www.seb.se) has been using a hardware token system for years. I click the sign in button, enter my birthdate, receive two four-digit numbers, start the little device, enter my password and the two numbers and get a six-digit number that I enter in the login page and then I get logged in.
    Is this somehow different?

    Oh, and by the way, works like a charm and I feel a lot more secure than I do with static passwords

  3. House keys by tepples · · Score: 5, Insightful

    How long before everyone needs to carry around 5 different RSA keys just to perform daily task?

    How long before everyone needs to carry around 5 different physical keys? Let's see... we have the house key, the car key, the shed key, the bike key, the gun case key, the baseball card key...

  4. Re:For those who don't want to register: by Xentropy · · Score: 5, Interesting
    A better solution is to use the archive link, which doesn't require registration:

    http://www.nytimes.com/2004/12/24/technology/24onl ine.html?ex=1261544400&en=7cc80182b7687ad9&ei=5090 &partner=rssuserland

    (Link created by the NY Times Link Generator: http://nytimes.blogspace.com/genlink )

  5. Customers expected to pay? by Xentropy · · Score: 5, Insightful
    I'm willing to admit up-front that being the victim of a security breach or some kind of fraud is distressing to the customer, but given the fact most banks (and certainly any bank I would do business with) have zero liability fraud policies nowadays, the only party for whom such a device would be saving money is the bank.

    Therefore, why are customers expected to pay $10 for these? Certainly, banks will recoup the costs somehow (through higher fees in general), but isn't the net effect of this type of technology supposed to be a savings? Isn't it the bank's responsibility (and liability) to make sure their customers' accounts are secure (assuming a reasonable amount of due diligence by said customers)? Isn't the savings in reduced fraud and security breaches supposed to outweigh the cost of the security devices? If not, why does the technology exist?

    It sounds great and all, but unless offered as a free service, I'll sit this one out.