>From the behaviour of banks we might infer: (1) Multifactor identification is too hard for a proportion of their customers (2) The actual level of successful hacking is passably low (3) So, it is simpler to run suspicious activity monitors and guarantee accounts
- Jim On 19 December 2013 10:23, David Lochrin <[email protected]> wrote: > On 2013-12-18 15:23 Dr Bob wrote: > > > As I said in my original email, ING and CitiBank required the use of a > token and each have provided a RSA fob. > > Sorry for the spam then - I should have read your email more closely > before responding! > > > As an aside, ING and Citibank have provided me with an RSA fob to verify > who I am in certain transactions. I wonder as well if having a fob to > generate a one time password is more secure (not ignoring the fact that RSA > got hacked a some time ago). > > Westpac will also provide an RSA SecurID fob for authorisation of > withdrawals over a certain user-defined amount, though I think I had to > request one. The RSA attack was over two years ago I believe and involved > theft of the database which maps each fob serial-number to its seed, so any > SecurID device manufactured since shortly afterwards should be reasonably > safe. > > > > Thanks for your email though. Also thanks for everyone else who have > made suggestions. I am looking at Tails and that seems an interesting > option but nothing is really secure I guess. I just have to keep a wary eye > on the accounts. > > I have never had any hack into my Internet banking in the 16-odd years > I've had accounts (touch wood...) however I moved away from Windows many > years ago and I wouldn't have an account without something-you-have access > control. If you feel able to speak about it I'd be interested to know if, > and how willingly, the bank involved made up the amount of the theft? I > haven't seen any recent statistics on such crimes, but I'm amazed that the > level of theft hasn't made Internet banking very much more expensive. > > David L. > _______________________________________________ > Link mailing list > [email protected] > http://mailman.anu.edu.au/mailman/listinfo/link > _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
