[LINK] Bank to offer SMS security option

[Karl Auer]

> Old news to me, as a NAB customer I have enjoyed (as the other
> Karl has not) this product for many months now.....

It was foisted on us, but we can't and won't use it.

> delay, and the system does not rely on having a mobile phone. Go to a
> telstra shop, or hardly normal, or even order online. Buy a nice
> cordless phone

I.e., spend my money and time doing something the bank can and should do
itself. And I have to use that particular phone for my phone calls too,
just because the bank wants to SMS me my passcodes.

The whole SMS thing is a transparent attempt to externalise the cost of
security hardware onto the customer - and it's not even very good
security hardware, and it doesn't work for all customers. What a gyp.

> I find the one time pads "click this picture to enter your PIN"
> somewhat offensive.

Well - yes. What a stupid way to do it! I am talking about receiving an
actual one time pad or SecurID tag. The OTP I got from my Swiss bank was
a simple credit-card sized slip with 100 codes on it. All I had to do
was remember what code I was up to, and type that in along with my user
ID and password. The bank's interface told me anyway if I made a
mistake. Not the code of course - the number of the code so I could pick
the right one off the card! :-) Now I have a SecurIDtag for that account
instead and it's much easier.

> mentioned the use of keyfob authentication devices

That's what SecurID is. I'm not sure how multiple institutions could
share an authentication fob without all having access to the accounts
held by the others. Centralised authentication would be a very dangerous
thing. Hm.

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/                  +61-428-957160 (mob)