I have wondered before why U.S. banks use weak security measures, such as password authentication, for online banking.
When I opened an account, the clerk at the bank even wrote down my password and told me to change it when I log on the first time.. My bank in Switzerland uses a smart card for authentication. When you open an account the give you a card reader and a smart card. When you want to log on, you have to type in your account ID (something like 10 digits) and they show you a 8-digit number, you then insert the card into the reader an enter you password (in the card reader). After this you enter the 8-digit number in the reader, it then calculates another number which is used for authentication. For a more detailed description, see http://www.xiring.com/xiring-banking/pdf/Case_stud y_UBS.pdf
I think this system is far superior to password based authentication, because only my smart card can generate a number for authentication and the smart card permanently locks down if you enter the wrong password for three times.
So, are there any banks in the U.S which use a similar system and if not, why?
Slashdot Mirror
Free DOS, something like mess-dos? Just say No!
I have wondered before why U.S. banks use weak security measures, such as password authentication, for online banking. When I opened an account, the clerk at the bank even wrote down my password and told me to change it when I log on the first time.. My bank in Switzerland uses a smart card for authentication. When you open an account the give you a card reader and a smart card. When you want to log on, you have to type in your account ID (something like 10 digits) and they show you a 8-digit number, you then insert the card into the reader an enter you password (in the card reader). After this you enter the 8-digit number in the reader, it then calculates another number which is used for authentication. For a more detailed description, see http://www.xiring.com/xiring-banking/pdf/Case_stud y_UBS.pdf
I think this system is far superior to password based authentication, because only my smart card can generate a number for authentication and the smart card permanently locks down if you enter the wrong password for three times.
So, are there any banks in the U.S which use a similar system and if not, why?