Forgot your password?
typodupeerror
Security The Courts IT

Court Rules Passwords+Secret Questions=Secure eBanking 284

Posted by samzenpus
from the nobody-knows-your-mother's-maiden-name dept.
An anonymous reader writes "A closely-watched court battle over how far commercial banks need to go to protect their customers from cyber theft is nearing an end. Experts said the decision recommended by a magistrate last week — if adopted by a US district court in Maine — will make it more difficult for other victim businesses to challenge the effectiveness of security measures employed by their banks. This case would be the first to add legal precedent to banking industry guidelines about what constitutes 'reasonable' security. The tentative decision is that a series of passwords + some device fingerprinting is enough to meet the definition of 'something you know' + 'something you have.' The case has generated enormous discussion over whether the industry's 'recommended' practices are anywhere near relevant to today's attacks, in which crooks usually have complete control over the victim's PC."
This discussion has been archived. No new comments can be posted.

Court Rules Passwords+Secret Questions=Secure eBanking

Comments Filter:

"Consistency requires you to be as ignorant today as you were a year ago." -- Bernard Berenson

Working...