> So is this the security token of the future? > http://national.com.au/Personal_Finance/0,,76862,00.html?campaignID=AQB&optOut=true&ncID=ZBG > > Functionally it is no different. If I have the device and the password > the security is compromised. > > The phone, at least in theory, is more easy to track down if stolen.
I think SMS has a big chance of winning in the online banking world. It solves two problems - both authenticating me to them, but also authenticates them to me (something that a straight PKI solution doesn't do). Solves phishing and provides stronger authentication. Of course, it only works because the two-way relationship between bank and customer is easy to handle (we each store one phone number). Multiple providers all authenticating to each other is where things get interesting. Andrew _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
