Computing is the UK's most authoritative voice on business technology issues. Do you agree with the views of our readers from the newspaper's letters page? Computing is the UK's most authoritative voice on business technology issues. Do you agree with the views of our readers from the newspaper's letters page? Computing is the UK's most authoritative voice on business technology issues. Do you agree with the views of our readers from the newspaper's letters page?

« Employees first line of defence | Main | Happy release »

Tuesday, 14 August 2007

PINpoint solution

Of all the mechanisms to defeat fraudulent use of credit cards on the internet that were mentioned in this article (The new fraud squad), I am puzzled that one particular mechanism we use does not  seem to have caught on generally.

To sign on to some of our systems the user needs not only a password - subject to all the usual checks including use restricted to only one or a range of IP addresses - but also  the good old PIN code. So what's unusual about that? Well, the PIN code is dynamic and changes every time. The user is advised of the PIN code via an SMS  message to a mobile. OK, a fraudster could use an unidentifiable mobile phone, but  registered phones and land lines can be checked as registered against the user, and it's one more safeguard. So, why isn't it used more?

Reg Smith.

Posted at 05:51 PM in security |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/t/trackback/1105496/20828207

Listed below are links to weblogs that reference PINpoint solution:

Comments

Post a comment

If you have a TypeKey or TypePad account, please Sign In


Contacts

Recent Posts

Recent Comments

Computing blogs

Archives

Categories

Powered by TypePad
© 1995-2006 All rights reserved