DISCLAIMER: Logging other people's keystrokes or breaking
into other people's computer without their permission can
be considered illegal by the courts of many countries.
The monitoring software reviewed here is ONLY for authorized
system administrators and/or owners of computers.
We assume no liability and are not responsible for any misuse
or damage caused by the keylogging software. The end user of
this software is obliged to obey all applicable local, state,
federal and other laws in his country of residence.
June 27, 2008
Visa makes 'use once' password cards
Melbourne-based security company EMUE claims that trials of its one-time password (OTP)-generating card will proceed in the next six months at one of the major banks in Australia.
The card contains an embedded microprocessor, a 12-button keypad, a small display where the password appears, and a battery — and is the same size as a standard credit card. To generate a password, the user must enter their PIN using the keypad on the card. Once the right PIN is entered, the card generates an additional OTP that can be entered into banking systems as a secondary authentication.
EMC's security division RSA this month released a similar card called SecurID that generates OTPs when the user squeezes a button in a corner of the card. RSA's card, however, doesn't require users to enter a PIN to generate the password. According to Geoff Noble, RSA's banking and finance specialist, the SecurID card is simply a different form factor to its tokens.
"This is just a stepping stone for us and the next thing is to put out that [card] device with an EMV chip on it," he said.
EMV is the Europlay, Mastercard, Visa standard for chip and PIN cards, which is gradually being introduced in Australia.
Since the introduction of chip and PIN cards in Europe, card not present fraud (CNP) — conducted when the user is not physically present at the time of the transaction, such as internet and phone shopping — has increased, driving growth in the black market for the three-digit CVV (card verification value) security number used to authenticate CNP transactions. According to IBM ISS security researcher, Gunther Ollman, stolen credit card numbers and CVVs are available for as little as US$2.
RSA's ambition to put the OTP generating device on an EMV chip and PIN card appears to have been trumped by EMUE Technologies. Visa Europe announced this month that it will be trialling EMUE's cards under the name "Visa PIN Card" in a number of countries within Europe.
"The banks are being given exclusivity by territory which Visa Europe will announce in due course. At this stage they're looking at four territories in Europe," Brendan McKeegan, CEO of Emue Technologies said.
"The key difference between RSA's card and ours is that ours doesn't have just one button and RSA's is a 'companion card' while ours is integrated into a payment card," he said.
ZDNet.com.au contacted ANZ and National Australia Bank about the products. Neither bank claims to be trialling either the RSA or the EMUE card.
Source: ZDNet Australia
All news for October, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year
DONATION: Keylogger.org is an independent research
project supported by a team of enthusiasts. If you find this
project useful or would like to help foster its continued
development please consider making a donation using PayPal`s
online secure payment service. A PayPal account is not required.
All major credit cards are accepted (MasterCard/Eurocard,
Visa/Delta/Electron, American Express, Switch/Maestro, Solo).
Simply click the button below.
Any amount would be useful and appreciated!
Thanks in advance for your support!
|
