Jaap-Henk Hoepman wrote: > Actually, Dutch banks already give users the option to recieve one-time > pass-codes by SMS to authenticate internet banking transactions (instead of > sending a list of those codes on paper by ordinary mail in advance). So it's > less unrealistic than you think.
there is also the EU bank challenge/response scenario (requires two-way communication protocol chatter). the customer initiates a transaction ... on the internet or even over (voice) phone. the bank responds with a challenge which is entered into a calculator sized device and the display comes back with the response. the response then is either typed or the keyboard (or the phone keypad). basically it is a relatively dumb pin-pad sleave that a chipcard slips into ... some old post visiting the company that makes the devices: http://www.garlic.com/~lynn/2001g.html#57 Q: Internet banking --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]