This all seems like a fairly complicated solution to a simple problem. Why not just a scramble pad? People still keep a easy to remember PIN, authentication won't take much longer than it already does and unless there is a camera located directly above the user, observation attacks will be pretty much useless.
Latest security headlines from Network World:
Browser war redux, patch time, iPod news
Libertarian Barr, EPIC outline privacy agenda
Microsoft to release four critical patches
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
SecureID - changing pin for a changing world
SecureID has had a car with a 4 to 6 digit pin that changes every minute. Why not just use that technology in cards you wish to protect? Maybe change the delta-T to every 5 minutes and make the code okay to +/- several codes, just in case the code's time sync gets out of sync.
Pros:
- No change to ATMs other than a small software change
- Simple to use and understand
Cons:
- Credit/debit cards are more expensive to manufacture because they have LCD display and logic to include
Make this an optional service: those who want more security can elect to have this; those that don't care can continue on as they do today.