From: Kenn Humborg (kenn at domain bluetree.ie)
Date: Tue 09 May 2000 - 11:19:25 IST
> Agreed! I use it myself from home only. I'd not use it at work and I'd
> not use it at all were it not that It's not too easy to get to the bank
> sometimes. BOI's site is better from what I hear. I know they used to
> provide you with a little credit card sized algorithmic number
> generator and
> that formed part of your authentication. AFAICR that was two years ago
> anyway but maybe I am just raving!!! Anyone on the list signed
> up with BOI
> online who can confirm this and maybe explain how the system works?
As others have confirmed, BOI are switching over from the older
token-based system to a system that requires:
1. Your user ID (6-digit number)
2. A selection of 3 digits from your 6-digit PIN
3. Two of the following:
o Last 4 digits of your phone humber
o Date of birth
o Favourite type of music
o Favourite type of movie
o Eye colour.
These 5 items are provided on the application form and can, of
course, be lied about. This is all sent via a HTTPS connection.
I can't understand why they still do the random selection of digits.
It made sense when you have to call your PIN out over the phone to
the rep at Banking 365 (the phone banking service). I suggested
that they use the DTMF keypad on the phone to enter the pin, and they
took it a step further by selected 3 random digits from the pin.
This is a really good idea, because lots of phones with displays will
show you all the keys you've hit, and will also play them back when
you hit redial. Kudos there...
Later,
Kenn
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:06:04 GMT