[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Banking over the net

     For some time several Australian Banks have been interested in 
setting up online banking via the web. Currently the Commonwealth 
Bank does have online banking, but on non-internetworked servers. 
This requires an encrypted password. 
     Currently this involves logging into the bank server directly 
transfering the password, at which case the user has access to their 
accounts. The unfortunate details are that the instructions for the 
account are not sent encrypted. Apart from the initial password, 
all data is sent plain text.
      There is likely to be implemented an inital web trial of this 
service in December this year. Hopefully the security will be 
upgraded a little. Where this is not likely is that the likely 
canditate for encryption over the net is going to be 40bit netscape 
(as what bank wants to go against the wishes of the US gov). 
      The banks feel secure in that they are providing a 128bit 
secured password to the customer via mail. This seems to be the end 
of the security. While the average member of the public blindly 
trusts the banks to keep them safe, and untill there is a user 
friendly means of encrypting data (that the US government supports), 
I can see alot of room for fraud.

        ,'~``.              \|/              ,'``~.
        (-o=o-)            (@ @)            ,(-o=o-),
|                                                              |
|   Soon, we may all be staring at our computers, wondering    |
|               whether they're staring back.                  |
|                                                              |
| [Network Admin For WPA Business Products.  aka doshai >;-) ] |
|    .oooO        http://pip.com.au/~doshai/      Oooo.        |
|    (   )   Oooo.                        .oooO   (   )        |
+-----\ (----(   )-------oooO-Oooo--------(   )--- ) /---------+
       \_)    ) /                          \ (    (_/
             (_/                            \_)
Key fingerprint = 2D F4 54 BB B4 EA F1 E7  B6 DE 48 92 FC 8D FF 49
Send a message with the subject "send pgp-key" for a copy of my key.
(if I want to give it to you)