More on the spyware front, should banks assume information is stolen?



Sunbelt blog is reporting on some of the countermeasures that some banks are starting to use to frustrate keyloggers. One trick is to request that your pin – number be entered in reverse or a specific order.



Another approach is mouseclicks on a virtual keyboard. Some of these ways can be defeated by eavesdroppers, others are harder. Are we going to have to make it so difficult to log in online that most users won’t bother?

Okay, enter your password using the next to last character first, the second character next, the last character after that, then the first and then any other characters in between. I think I need some tylenol….

The writer at sunbelt further suggests the following….

More is needed. I have seen my fair share of compromised systems. Authentication is old news. Banks, right now, need to work with the belief that their customers have had their account information and PINs stolen.

I see some problems with this assumption, but it is something to think about.

   Send article as PDF   

Similar Posts