[LINK] PayPal to combat phishing with key fobs
Alan L Tyree
alan at austlii.edu.au
Sun Jan 14 14:36:16 AEDT 2007
On Sun, 14 Jan 2007 13:57:18 +1100
Howard Lowndes <lannet at lannet.com.au> wrote:
> Alan L Tyree wrote:
> > On Sun, 14 Jan 2007 13:07:13 +1100
> > Rick Welykochy <rick at praxis.com.au> wrote:
> >> http://arstechnica.com/news.ars/post/20070112-8608.html
> >> "In an effort to protect users from fraud and phishing schemes,
> >> eBay subsidiary PayPal is preparing to offer secure key fobs.
> >> The devices, which display a six-digit code that changes every
> >> 30 seconds, will be made available free to all PayPal business
> >> users, and will cost $5 for all personal PayPal account users.
> >> Those who opt in on the key fob will have to enter the six-digit
> >> code when logging in to PayPal."
> >> Some food for thought for banks.
> >> The weakness in the PayPal idea is that the fob is opt-in. The very
> >> people most likely to fall victim to phishing scams are likely not
> >> to opt-in ... or is that a cynical syllogism?
> > Rick,
> > What other technical methods might be used to prevent (or at least
> > curtail) phishing? Is there some sort of challenge/response approach
> > using software supplied by the Banks or other targets? I need to
> > look at some positive suggestions for this EFT Code review.
> What's needed is not only for the server to require the client to
> authenticate, but for the client to require the server to
> authenticate as well to ensure that the server is really who they say
> they are.
How hard is that to implement? Can I say to ASIC that the Banks could
cut phishing losses at a reasonable price with this approach?
> LANNet Computing Associates - Your Linux people
> <http://lannetlinux.com> When you want a computer system that works,
> just choose Linux; When you want a computer system that works, just,
> choose Microsoft. --
> Flatter government, not fatter government; abolish the Australian
> Link mailing list
> Link at mailman.anu.edu.au
Alan L Tyree http://www2.austlii.edu.au/~alan
Tel: +61 2 4782 2670 Mobile: +61 427 486 206
Fax: +61 2 4782 7092 FWD: 615662
More information about the Link