[clug] Internet banking and browser compatibility

Andrew Janke a.janke at gmail.com
Fri Feb 13 05:58:19 GMT 2009

2009/2/13 Alex Satrapa <grail at goldweb.com.au>:
> SOMB uses a randomly permuted numeric keypad layout on the web page, which
> you have to then click with the mouse. Not sure that this really constitutes
> "two factor" authentication, since the keypad on the screen is involved in
> the very environment which is most likely to be compromised (web page, on a
> home computer).

<tick!>  Although if we are going to start to critique what banks use
for the "second factor" ID, then I think SOMB recently took a big step
backwards with their latest incarnation of Internet banking. Before
this it was 3 icons in a similar randomly permuted grid.  Now you have
to "click-in" your _birthdate_ (ddmmyyyy).

nuts.  Someones birthdate would have to be one of the easiest things
to figure out should you happen to be a baddie(TM).
I do like NAB's SMS security doover though.

Mind you I am not changing anytime soon given that you can get a 5.05%
variable rate with SOMB but I digress....

Andrew Janke
(a.janke at gmail.com || http://a.janke.googlepages.com/)
Canberra->Australia    +61 (402) 700 883

More information about the linux mailing list