Posted by:
admin
17 years, 1 month ago
And the results are not good.
“The premise is that site-authentication images increase security because customers will not enter their passwords if they do not see the correct image,” said Stuart Schechter, a computer scientist at the M.I.T. Lincoln Laboratory. “From the study we learned that the premise is right less than 10 percent of the time.”
The article also points out that perceived user convenience is more important than security:
Banks immediately knew what they did not want to do: ask customers to
download new security software, or carry around hardware devices that
feed them PIN codes they can use to authenticate their identities. Both
solutions would add an extra layer of security but, the banks believed,
detract from the convenience of online banking.
This is a problem, though, because their opponent is more than willing to install software on the user's computers. Moreover, they are willing to attack an ISP's computers in the middle. This asymmetry will cause problems for financial institutions.
Share on Facebook
