I think that the cost of two-factor authentication will plummet in the face of the volumes offered by e-banking. Also, the more uses for the token, the more shared the costs will be. The question to me is will the FIs go with a anything beyond secure cookies, IP address validation and unique images. Will they be forced to by the powers that be or by disclosure requirements after the basic systems are thwarted?
I also think that the lower end cell phone is now capable of handling the task. While a PC client may not be very secure, it does offer some potential benefits such as auto-validating SSL certs. Whether the carriers will bother with a potential revenue stream in two-factor authentication when they can make more money in ringtones is another question - back to the business model ;). Ian Grigg wrote: > FTR, e-gold were aware of the general makeup of this > threat since 1998 and asked someone to look at it. The > long and the short was that it was more difficult to solve > than at first claimed, so the project was scrapped. This > was a good risk-based decision. The first trojans that I > know of for e-gold weren't spotted until 12-18 months > ago, so it was also a profitable decision. What they are > doing now I don't know. > > In the payments world we've known how to solve all > this for some time, since the early 90s to my knowledge. > The only question really is, have you got a business > model that will pay for it, because any form of token is > very expensive, and the form of token that is needed - > a trusted device to put the application, display, keypad > and net connection on - is even more expensive than > the stop-gap two-factor authentication units commonly > sold. > > iang -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com At last, two-factor authentication, without the hassle factor --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]