Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security The Almighty Buck Technology

One-Time Pads To Protect Electronic Bank Access 345

dummkopf writes "CNN reports how Scandinavian banks issue one-time passwords to protect customers' accounts when these use the same password for other, i.e., more insecure email accounts. Having a bank account in the U.S. (with a trusted and well known Bank OF nAtional reach) I always wondered why the security was soooo poor: while it has changed slightly now (better usernames/passwords) it used to be the case that your username was your SSN and your password a number code (!). I am sure most of you will agree with me that this is scary... I live now in Switzerland where one-time passwords for online banking are a must and where my current bank is one of the 'crappy' ones with a little card with one-time passwords like mentioned in the CNN Story. The nicer ones even give you credit-card-size RSA password generator which is combined with a calculator you can keep in your pocket. Hence my question: are others also worried about poor security of online banking in the U.S.? Are there banks which are better than the ones mentioned above?"
This discussion has been archived. No new comments can be posted.

One-Time Pads To Protect Electronic Bank Access

Comments Filter:
  • by Anonymous Coward
    I'm poor.
    • by ePhil_One ( 634771 ) on Wednesday June 02, 2004 @05:35PM (#9320118) Journal
      I'm poor.

      Funny as it sounds, just wait till someone get a hold of your identity, you'll be poor and deeply in debt. Scammers are very good and obtaining credit, it helps that they don't fear the repercussions of being unable to pay.

      Being poor is no reason to not protect your identity. You'll just get more funny looks.

      • by Master of Transhuman ( 597628 ) on Wednesday June 02, 2004 @09:26PM (#9321817) Homepage
        If you're poor, how do you pay the debt?

        Answer: You don't. You tell the idiots who accepted somebody else as you that they're shit out of luck getting any money out of you and they'd better start looking for the guy who took them to the cleaners.

        Which they should have done in the first place.

        Of course, it's a hassle TELLING all these people that...

  • Nothing New. (Score:5, Informative)

    by MKalus ( 72765 ) <mkalus AT gmail DOT com> on Wednesday June 02, 2004 @04:08PM (#9319210) Homepage
    Banks in Germany always required you to have:

    Login & Password.

    And then for EACH transaction an TAN (TransActionNumber) which was a one time password that they mailed to you in a batch of I think 25.

    So in order to complete a transaction you not only needed the username and Password but also a TAN.

    More secure than they do it here, where you just log in and then it's a free for all.
    • Re:Nothing New. (Score:3, Insightful)

      by stratjakt ( 596332 )
      The problem is if Mary has a list of 25 TAN's that she's crossing out, what stops me from sneaking up behind her, knocking her out with a blackjack, hiding her body in a dark corner, and then draining her account?

      Sorry, been playing too much Thief 3 lately.

      But my password is as secure as I make it, so is my login (which I chose and is just as obscure as my password). Both exist only in my head.

      The problem inherent with one-time passwords and TAN schemes is that people print them out and stick them on th
      • Re:Nothing New. (Score:3, Interesting)

        by Hard_Code ( 49548 )
        "The problem inherent with one-time passwords and TAN schemes is that people print them out and stick them on their monitor with a post-it."

        What is the utility of doing that since they are ONE TIME. Why would you ever want to post it up after it was used once? Presumably they are "scratch off" so merely putting the booklet up won't make it obvious what the passwords actually are. And then they STILL need your real password first.
        • Re:Nothing New. (Score:5, Informative)

          by Apogee ( 134480 ) on Wednesday June 02, 2004 @04:54PM (#9319752)
          As the person who originally posted the story, I am living in Switzerland, so I can maybe provide a little insight into the mechanics of the system.

          It's been a while since my nice [ubs.com] bank has switched from the TAN system to the calculator/login device + chip card, but if I remember it right, it's not only the TAN that authenticates you, it's your user name (or more precisely, your account number - after all, we're in Switzerland, the home of number accounts) and a password of your own choice, plus the current TAN, used only once. This seems to me to be a pretty good system, as you prove your identity by:
          • knowing your account number
          • knowing your personal, secret password
          • knowing the current, one-time-pad TAN

          With the login device I am using now, you need to:
          • know your account number
          • posess the chip card
          • unlock the chip card with a PIN of your choosing (and 3 bad tries block the card forever)
          • read a challenge off the login screen, and type it into the login device
          • post back the response the login device generates

          Knowledge of any one of these is useless, you need to know all of them, so I think the system is pretty secure. Frankly, I was slightly mystified to read that US banks rely on only one token of authentification ... I would have imagined systems similar to the ones I described are commonplace. Seems I was wrong.
          • Re:Nothing New. (Score:3, Interesting)

            I'm not usually one to re-reply, but after looking over these chip cards, it looks like it just accepts your PIN and then spits out a secondary password. I'm thinking, that sounds ok. You get to choose your username, and your primary passwd and then you have to punch your pin into the calc device to get your new randomly generated password. Not bad. What i'd like, though, would be a USB keychain device, or PC card, smartcard, whatever, that you activate it and stick in your computer when you need to log

    • Hmmm, here in the US I need a digital password that I supply and a physical card with a piece of authorization mailed from the bank for each transaction. Many places require authorization with a physical signature if you don't use the card, and use one of their pre-supplied (mailed to me by the bank) slips of paper with their routing information on it.

    • Re:Nothing New. (Score:3, Insightful)

      by gmanic ( 761667 )
      Another possibility in Germany is to have your bank card carry a secret key, protected by (another) pin. This is the hbci standard. Combined with a class 3 cardreader (cheap from your bank, having it's own keypad (for secure pin processing) and display (for interaction with the card), this is secure enough for me.

      Thief would need my account-no. (ok, that's _pretty_ easy), my card and my card-pin (different to my internet banking pin). And, I can use some fancy home-banking apps (even available for linux).
    • I can confirm this. I can see the balance and recent transactions using my account number and password, but if I want to actuall move any money, I need a number from my TAN list. They will tell you what the last TAN number was that you used, so you know what the next one is ONLY if you have the list in front of you.

      Your account number is public (many business put their account number on their website so it is easier for you to pay them), and you keep your password (something you know) and your TAN list (so
    • The postbank in the Netherlands used to rely on a accountcode, and two 6-number PINs, of which you could only change one, and a list of TANs.

      Nowadays you can choose your own username and password (a vast improvement as you're less likely to write it down) and have the option of either getting TANs printed and mailed (you have to show the postman ID) beforehand, OR sent by text message (again, your GSM number is confirmed via a code sent via registered and to-be-IDed-for mail).

      The neat thing about the TANs
  • by danielrm26 ( 567852 ) * on Wednesday June 02, 2004 @04:09PM (#9319215) Homepage
    Combining something you have (the scratch-0ff bit, an ATM card, or an RSA token) with something you know (a password) will soon become the standard for most everything. I for one can't wait.
  • Hence my question: are others also worried about poor security of online banking in the U.S.?

    In my bank the online banking site allows me to check the balance and that's about it. Doesn't leave too much to the intruder.

    I can also contact the bank via e-mail and ask to change address or anything else, but that would require a phone call confirmation as well.
    • Re:What security (Score:3, Informative)

      by silentbozo ( 542534 )
      Many banks now have bill pay services, and some of the more poorly constructed ones (I won't mention names because I have an account with one of em :P), actually display your social security number when you log into the bill pay section. Most banks aren't that stupid, but you still run the risk of someone "paying" a bill that you didn't authorize, or cleaning out your bank account by transferring funds into your credit card, and then spending that dry.

      Keep in mind folks, that in the US, electronic funds
      • Re:What security (Score:3, Insightful)

        by chaotixx ( 563211 )
        Keep in mind folks, that in the US, electronic funds transfers just require your account number, and bank routing number. Someone armed with those two numbers, and a cooperative banking service, can drain your accounts dry, just as if someone got a hold of a blank check and forged your signature. In either case, you're in trouble unless someone at your bank puts up a red flag and stops it.

        I've always wondered what keeps someone from simply taking a check you've written (to them possibly) and then using t

      • Keep in mind folks, that in the US, electronic funds transfers just require your account number, and bank routing number. Someone armed with those two numbers, and a cooperative banking service, can drain your accounts dry, just as if someone got a hold of a blank check and forged your signature.

        Are you sure there's no signature or any additional requirement? My bank required me to show up in person and sign two forms, present the ID and all, to do the wire transfer.

        Like the poster before me noted, what'
        • Re:What security (Score:3, Interesting)

          by silentbozo ( 542534 )
          A wire transfer is different from an ACH transfer, also known as EFT (electronic funds transfer), direct deposit, or direct debit. To give an example, when drawing funds into a PayPal account, you use ACH transfers - the only way that they know that the account belongs to you is when you identify the sums deposited into your account during the setup process.

          Like the poster before me noted, what's to prevent someone from simply looking at your check and copying the data?

          Nothing.

          Attempts to defraud c

    • Re:What security (Score:3, Interesting)

      by PunchMonkey ( 261983 )
      In my bank the online banking site allows me to check the balance and that's about it. Doesn't leave too much to the intruder.

      My regular bank is a branchless bank in Canada, they're website offers quite a bit of functionality including transferring money to other accounts.

      But what really concerns me is *physical* security. I have a small bank account with CIBC (another Canadian bank). I needed about a thousand bucks off my account, so rather than using the atm, i went inside, handed the teller my flimsy
  • Our Bank (Score:2, Insightful)

    by JoeShmoe950 ( 605274 )
    My local bank simply has us use our name to sign in, and a password we choose. Because I choose passwords, and I don't have much money, i never thought of this as very scary. I guess that in the event that somone tried to steal my money though, I would be quite vulnerable. One better technique that I've learned is to spread your money through multiple accounts. No one will want to waste much time breaking into a few accouns with small soums of money when someone out their has lots in one account.
  • Not a one-time pad (Score:5, Informative)

    by kzinti ( 9651 ) on Wednesday June 02, 2004 @04:11PM (#9319236) Homepage Journal
    Single-use passwords are not the same thing as a one-time pad, which is a form of encryption. However, one-time passwords do sound like a good idea. Given reasonably good encryption like in SSL, then password management becomes a weak point - which this scheme addresses. (Just parroting Schneier, and wondering if this scheme will get mention in the next Crypto-gram newsletter.)
    • by ryanwright ( 450832 ) on Wednesday June 02, 2004 @04:22PM (#9319404)
      One time passwords are fine for the average Joe. But this article is silly:

      But it's difficult to remember dozens of strong passwords -- so many sites now require them.

      Whatever. You simply need a pattern combined with "phrases" that only you know. For instance, your phrase could be "Jack and Jill went up the hill", so your password would be, "JJW!TH". Then you add a number to it that you can remember, for instance, the last four of your phone number reversed. So JJW!TH9834. Now throw in something unique from each site you visit. Take Google, perhaps Jack and Jill don't go up the hill, they go to Google: JJW!TGGL9834. Or on Hotmail, perhaps Hotmail went up the hill: HMW!TH9834. Mix and match for various web sites.

      Easy to remember, extremely difficult to break. Secure enough for most anything us common folk would do - including online banking - and not such a hassle as carrying around scratch-off cards or RSA keys everywhere you go.
      • Easy to remember, extremely difficult to break.

        I agree with the second statement, but not the first. I think it *could* be easy, for certain types of people, but not John & Jane Doe. Coming up with a phrase-based password is something I think everyone can aspire to. But add in site-specific randomness and you'll quickly hit "post-it note passwords" - random, secure passwords pasted right on the monitor.

        However, I do agree passwords are much more convenient than some kind of physical or electronic
      • by cOdEgUru ( 181536 ) on Wednesday June 02, 2004 @04:43PM (#9319648) Homepage Journal
        You bastard!!

        *Sighs*

        *Proceeds to change all my passwords starting with the bank account*
      • by prodos ( 50696 ) on Wednesday June 02, 2004 @05:07PM (#9319899)
        I can foresee a problem with this when you start using these sorts of passwords for places with password expiration. You can't use your original clever creation, so now you must come up with variations on it every couple months or so; like incrementing the number at the end, so you have JJW!TH9835 etc. But then you start having "version" issues where some passwords expire faster, and some not at all... so you might have JJW!TGGL9839 and HMW!TH9842. Of course, you could change ALL your passwords whenever one of them expires... but then you have to remember every single place you've set up such a password.
      • by the_skywise ( 189793 ) on Wednesday June 02, 2004 @05:09PM (#9319913)
        I finally got them to use a phrase using l33tspeek for a password: (IE l33tm0m)

        Still not as good as your technique, but easy enough for them to remember and not as bad as what they were using.

        Mom: (entering password) click, click
        Me: "That's an awfully short password mom, what're you using?"
        Mom: "My birthdate: 1217"
        Me: "AAAUUUGGGHHH!"
        Mom: "What's wrong with that? I don't give it out."

        (Note: Birthdate changed to protect the innocent.)
      • The goal of initiatives like this is not to allow better security. The current scheme allows for relatively decent security. However, the easiest way to use the current scheme (one password everywhere or trivial passwords) is incredibly insecure. It is difficult enough to remember dozens of strong passwords that people choose not to.

        The goal of initiatives like this is to make decent security the only easy way. It is worth increasing the hassle a bit, even for users like you, if it drastically increases th
    • by arivanov ( 12034 )
      However, one-time passwords do sound like a good idea

      NOPE

      The best idea is a password of whatever persuation and a x509 certificate used for SSL which is ussed by the bank in the sign on process. As a result you are always asked two passwords one of which cannot be set to "remember" - your SSL cert store and your bank username/password. This combines luser authentication with machine authentication. As a result you have to steal the machine used by Joe Average in order to use his/her bank account. This

  • I have the same thing in the netherlands with ABN, a 'pin pad' that I pop my card into. I type in my PIN to authenticate, then the challenge the bank website gives me, then the pin pad returns a result I type in to perform a log in or a payment/transfer. .. don't let your kids play with it.. you'll find yourself locked out of your bank card haha
  • by kneecarrot ( 646291 ) on Wednesday June 02, 2004 @04:11PM (#9319244)
    I do my banking with a local bank here in Saudi Arabia which has recently upgraded all its ATM machines with biometrics. I need only to register my fingerprint with the bank and then swipe it at the ATM to do my banking. Years ahead of its time.
    • by British ( 51765 ) <british1500@gmail.com> on Wednesday June 02, 2004 @04:20PM (#9319380) Homepage Journal
      ....provided you never have been convicted of theft twice.
    • Do you remember to wipe the sensor after use?

      I am reminded of an article several months ago on spoofing fingerprint readers. The gelatin technique [schneier.com] is likely the one most Slashdotters remember, but for some, it was sufficient to blow on the detector. c't [heise.de] has lots more fun details, but these have both been on Slashdot before.
    • by Cthefuture ( 665326 ) on Wednesday June 02, 2004 @04:30PM (#9319495)
      I work in the security field (mostly smartcards and biometrics) and I can tell you that if that's all they have then their security sucks.

      Biometrics are highly inaccurate/insecure. We break them all the time. I myself would never use anything important that was secured with only a biometric. Even a 4 digit limited error PIN would be more secure.
      • It is secured with a *card* and a biometric.

        Something you have, something you know, something you are. Two out of three is considered good security.

        Biometrics is something that you *are*. There are implementation issues, sure, but people are far too hard on it as a method of authentication.
    • in Saudi Arabia ... I need only to register my fingerprint with the bank and then swipe it at the ATM to do my banking

      So all a mugger who steals your card has to do, to get access to all the money in your account, is: cut your finger off and take the finger to the ATM?

      And you like this system?

      ... and some brain-damaged moderator modded your post up?

    • I used to think that (Score:3, Interesting)

      by cgenman ( 325138 )
      I used to think biometrics were the ultimate form of authentication. Then I worked at a company which used fingerprint scans as a clock in / clock out device. After a few good years of use, the thing couldn't tell a fingerprint from a warm hot dog. I actually tried that once, it validated me. It would also validate on the back of the hand, the elbows, and a few other body parts that involved seriously cleaning the pad afterwards.

      While the idea may be great, I've yet to be convinced of either the streng
  • Equipping your 1 million customers with some kind of secure random password generation smart card probably costs $40 each, both for the card and programming as well as associated infrastructure and overhead costs. So this security is a $40 million expense with no real benefit for the bank itself. Add in the costs of customer and staff training, eventual replacement of cards due to wear/loss/theft/whatever, and this is a very expensive proposition.

    As much as I'd love to see this implemented at every bank
  • Misleading headline (Score:3, Informative)

    by Anonymous Coward on Wednesday June 02, 2004 @04:12PM (#9319251)
    The article in question is describing a one-time password, but not a one-time pad. A one-time pad must be as long as the message being encrypted.
  • It's about time... (Score:3, Insightful)

    by Mz6 ( 741941 ) * on Wednesday June 02, 2004 @04:12PM (#9319252) Journal
    I guess it was only a matter of time before more commercialized security practices made it to the general public. SecurID is used in a lot of different places, for example, the US government. It was about time that this sort of security practices made a more outreaching affect on the rest of the World.

    One caveat I had about this article was this....

    "Outfitting 1 million customers with such devices could cost $20 million, while Internet fraud for those customers amounts to "tens of thousands at most," said Tony Chew, director of technology risk supervision at the Monetary Authority of Singapore. Singapore banks thus limit dynamic passwords to fund transfers, he said."

    This is a pretty bold statement coming from the director of technology risk at eBay. eBay has pretty much become the breeding ground for scams and frauds. With millions of items up for auction at any one time this doesn't make any sense. I believe I read an article several months back that eBay estimated that at any one time about 3% of their auctions are fradulent. A small number in comparison to the number of auctions that are ongoing. Doing a totally unscientific experiment, I averaged about 3,000,000 ongoing auctions at eBay, and took the 3% of fraud auctions = 90,000 auctions. I would imagine atleast an average of $100 per auction completion. That puts it at $9,000,000 at any one time and that's only from eBay. This also doesn't acocunt for auctions that were performed outside of eBay as the P-P-P-powerbook [slashdot.org] one was so performed. Also, imagine the thousands of other financial banks and credit card companies doing business online. And let's not even get started on Paypal.

    *Notice.. this was a totally unscientific experient performed by myself.

    I think that when putting these numbers all together would make a strong case for such two-factor authentication. I don't mind a second step if it's going to save me money if someone really wants into my banks, eBay acocunts, etc...

  • by RobertB-DC ( 622190 ) * on Wednesday June 02, 2004 @04:13PM (#9319262) Homepage Journal
    I know it's cliche, but I still get stuck in line behind people who don't understand the basics of the ATM machine interface. Inserting (or swiping) the card throws them off. Grocery store POS systems, never consistent between chains, present even more hurdles. I've seen "Pay at the Pump" customers drive off because they just don't understand the instructions.

    You want to give these folks RSA dongles? They don't even see the security implications of putting their entire credit line on their keychain [speedpass.com] with not even a PIN for validation.

    The two problems are simple: People here won't understand it, and they won't care.

    Why this works in Europe is beyond me, but I'm sure there are plenty of cliche anti-American rants to help explain it.
    • Ok, I'll bite... (Score:2, Insightful)

      by raehl ( 609729 ) *
      What is the security impication of putting my entire credit line on my keychain? I've already got my entire credit line in my wallet....
      • Re:Ok, I'll bite... (Score:3, Interesting)

        by RobertB-DC ( 622190 ) *
        What is the security impication of putting my entire credit line on my keychain? I've already got my entire credit line in my wallet....

        I guess you're right... it's not that much tougher to slide a stolen credit card (swipe a swiped card?) through the slot, than it is to wave a Speedpass over a sensor. Makes me think again about that wallet full of cards... thank goodness they're already maxxed out. :)
    • Using my RSA I enter a password and the RSA keychain number. It's two factor, so access to my entire credit history isn't on my keychain.
    • Inserting (or swiping) the card throws them off. Grocery store POS systems, never consistent between chains, present even more hurdles. I've seen "Pay at the Pump" customers drive off because they just don't understand the instructions.

      The local supermarket is packed with MIT students, faculty and staff -- and they have as much trouble with those ATMs as everyone else. (Supposedly Stallman shops there, but I've never had the privilege of watching him use one. He'd probably be complaining that the system pr

    • same bank
      swiss vs us ebanking
      UBS Swiss Ebanking [www.ubs.ch]
      UBS US Ebanking [ubs.com]
      how ebanking works for me [www.ubs.ch] sorry but everyone who doesn't understand this should not be allowed to have ebanking .. not even a bank account
      i don't know why you americans let yourself be fisted by corporations like this!!!
      maybe you are all masochists :p
    • If you give people scratch off cards with a one-time PIN on it, they will take a sharpie and write their username and password on the back of it. Guaranteed.
  • by fiannaFailMan ( 702447 ) on Wednesday June 02, 2004 @04:13PM (#9319265) Journal
    They give you an 8 digit security number when you open an online/digital TV banking account with them.

    To log in you need to enter:

    • A 12 chacacter alphanumeric code as your username (given to you on a card when you sign up)
    • Your date of birth
    • Three digits from your security number, and it's different digits on each subsequent visit. For example on one visit you'll be asked for the 1st, 2nd, & 3rd digit. The next visit you might be asked for the 4th, 6th & last.
    I have a lot of respect for the HSBC. Their customer service is also second to none - with my US bank I frequently find myself getting passed around between different customer service reps and having to tell my story from the beginning each time. Not so with the HSBC, they know my name before I've even spoken, and they never lose track of me no matter how many people I get passed along to.
  • by steevo.com ( 312621 ) on Wednesday June 02, 2004 @04:13PM (#9319269)

    There really isn't a lot of damage that someone could do with my online banking account.

    I can't transfer funds to an account that is not mine.

    The information that is available online about me and my account is less than what is available on a check. I guess I should be more concerned about that, but I have no control of my checks once I have used them to pay for something.

    My Debit card information is not available online.

    About the best someone can do with my account is see my balance.

    • That sounds quite limited online banking experience. Here in Finland you can transfer you money to any account you want (that is how bills are paid), but you can also apply for loan, cancel your creditcards etc. Fortunately we do use these one-time passwords so the risk of this happening is quite low. IIRC the banks here have always used one-time passwords, atleast they did when I had my first online banking experience with 2400bps modem.
  • by mindstrm ( 20013 ) on Wednesday June 02, 2004 @04:13PM (#9319270)
    A scratch-off password list is a password scheme.

    a One-time pad is an encryption algorithm.

    The two have basically nothing to do with each other.

    A one time pad:

    Generate a random pattern of bits of the same length as the plaintext. XOR the two. The resulting ciphertext and the random field are now both requried to re-generate the plaintext (to call one the ciphertext and one the key is wrong too. they are both statistically equivalent).

    Both are also completely useless by themselves, and truly totally, provably, unbreakable.

    This is the only form of unbreakable encryption.

    The moment you use a pad more than once, though, it ceases to be a one-time pad, and is breakable.

    • I knew that I was going to get FPd on the pad!=password thing, but The two aren't completely separate. There's a bit of an equivalence in that you have a one-use set of information that is used to authenticate a transaction. -- makes life that much harder on an interloper. (( I agree that, mathematically, they're not related ))
      If the transaction is actually encrypted with the one time password before it's tranmitted, then it might even provide an additional barrier against breaching SSL.
    • by nacturation ( 646836 ) <nacturation&gmail,com> on Wednesday June 02, 2004 @04:45PM (#9319661) Journal
      This is available on FreeBSD [onlamp.com] and likely other *nix systems out there as well. Here's the nutshell overview for the über-grokkers.

      Adding your login to the database of one-time passwords and displaying the first login password:
      $ opiepasswd -c
      Adding dlavigne6:
      Only use this method from the console; NEVER from remote. If you are using
      telnet, xterm, or a dial-in, type ^C now or exit with no password.
      Then run opiepasswd without the -c parameter.
      Using MD5 to compute responses.
      Enter new secret pass phrase:
      Secret pass phrases must be between 10 and 127 characters long.
      Enter new secret pass phrase:
      Again new secret pass phrase:

      ID dlavigne6 OTP key is 499 dh0391
      CHUG ROSA HIRE MALT DEBT EBEN
      "499" is the counter, "dh0391" is the seed. Combined with the password, you can generate additional logins from any computer, on- or offline. Generating additional login passwords:
      $ opiekey 498 dh0391
      Using the MD5 algorithm to compute response.
      Reminder: Don't use opiekey from telnet or dial-in sessions.
      Enter secret pass phrase:
      MASK BALM COL HER RIFT TERM

      $ opiekey -n 10 497 dh0391

      Using the MD5 algorithm to compute response.
      Reminder: Don't use opiekey from telnet or dial-in sessions.
      Enter secret pass phrase:
      488: COIN LO DOG GOLF ACTA FULL
      489: SOD STUN SINK DRAW LAWN TILT
      490: MALT STAY MASH CAR DEBT WAST
      491: HOWE DRY WALL TOO BUDD SWIM
      492: ROOT SPY BOND JEST HAIL SCAR
      493: MEAN ADD NEON CAIN LION LAUD
      494: LYLE HOLD HIGH HOME ITEM MEL
      495: WICK BALI MAY EGO INK TOOK
      496: RENT ARM WARN ARC LICE DOME
      497: LEAD JAG MUCH MADE NONE WRIT
      And logging in:
      login: dlavigne6
      otp-md5 498 dh0391 ext
      Password: (here I pressed enter)
      otp-md5 498 dh0391 ext
      Password [echo on]: mask balm col her rift term
      The beauty of this is that you can turn it on and safely login as root using a telnet session as replay attacks won't work since the password has already been used. Of course, "safely" here only applies to password reuse as a telnet session doesn't prevent other problems, such as man-in-the-middle attacks. Because this uses a standard algorithm, you can even generate new login passwords as needed from a PDA -- it doesn't have to be generated directly on the host system. So if you're SSHing to your server to fix a problem and you're in some internet cafe, you don't need to worry about keystroke loggers picking up the password. Type it in via plaintext as it'll never get reused.
  • by r_cerq ( 650776 ) on Wednesday June 02, 2004 @04:14PM (#9319283)
    A few months ago, most (AFAIK, all) portuguese banks updated their online banking auth systems.

    There's no standard, and they seem to be having some dificulty balancing user-friendliness with security.

    The current "hip" thing is to require a login/password pair, followed by things like:

    - Enter the the sixth and second numbers of your ID card/passport (random positions)
    - Enter your numeric PIN using the randomly placed JavaScript keypad
    - Use the code-matrix card (provided by the bank) and enter the value in square 4C
    - Confirm every money-moving operation with digits in random positions from a fixed (long) code given to you by the bank. Said code is regenerated every month. ... and so on.
    I don't thinks there's any bank here using plain login/password auth. There were attempts to use personal x509 certs, but most users had trouble installing them or using them.
  • simple economics (Score:3, Insightful)

    by hazem ( 472289 ) on Wednesday June 02, 2004 @04:15PM (#9319301) Journal
    When the costs of fraudulent use of accounts exceeds the cost of implementing more secure access methods, the banks will then implement more secure methods.

    Besides, what can you do from most US online bank systems? Check balances, transfer funds from one type of account to anther (savings to checking), or maybe even transfer to another member of the same bank? These are all very traceable and means that really stupid criminals will get caught.

    It's probably much easier to just steal credit card numbers.
  • by 26199 ( 577806 ) on Wednesday June 02, 2004 @04:16PM (#9319322) Homepage

    ...why are we still using a system that relies on you trusting every single person you give your credit card details to? It would be perfectly possible to generate a one-time authorisation code for each transaction...

    • American Express used to (still does? I am at work and for some reason, my network admins have decided that is a site I cannot reach....). They would give you a unique CC number each time to use, and it would be single use only. Pretty spiffy.
      • American Express's one-time card number system was called Private Payments [americanexpress.com], but they cancelled it just a few weeks ago. I'm guessing because not enough people used it. I used it for all my on-line purchases, because even if I'm not liable for fraud, the trouble of generating a one-time number (and their site was a bit of a pain) is worth avoiding the hassle of the fraud recovery process. As a bonus, nobody could automatically renew any subscriptions I bought.
    • I can see one reason - the credit card companies (in the case of credit cards of course and not debit cards) are liable for most (all but about 30-50 or so) of any amount fraudlently charged to your card. So there is next to no benefit to the customer, and I suspect the banks themselves have judged the cost of migration to be greater than the money lost due to fraud.
  • Living in Denmark I am a customer of 'Danske Bank' (Danish Bank) who recently deployed an optional ActivCard password generator.

    Usage is easy: punch in a selfdefined 4 digit PIN-code and the calculator-thingie returns an 8 digit password code. What's more: when doing transactions one will be presented with a 6 digit code that one has to punch into the ActivCard, which then returns a 6 digit confirmation-code that one has to key in in order for the transaction to take place.

    It sounds like a lot, but it rea
  • by David Jao ( 2759 ) * <djao@dominia.org> on Wednesday June 02, 2004 @04:17PM (#9319341) Homepage
    The title of this article is inaccurate. A "one-time password" is not the same thing as a "one-time pad".

    A "one-time password" means a password that is used once and discarded. This password is typically used only for authentication purposes. By contrast, a "one-time pad" is used for encryption purposes.

    One-time pads are almost never useful for typical internet situations because they are very easy to misuse and very insecure when misused. They also don't solve any problem worth solving -- conventional encryption is already strong enough that the added security of a one-time pad has no value in typical internet situations.

    One-time passwords, on the other hand, do potentially have some value, because the currently available password authentication systems are quite weak compared to the strength of the corresponding encryption systems.

  • There's a virtual (online only) bank here in Poland that has used one-time pads for the last couple of years.

    My current bank uses a secure token [vasco.com] to protect online access.

  • by raehl ( 609729 ) * <raehl311.yahoo@com> on Wednesday June 02, 2004 @04:19PM (#9319371) Homepage
    Stronger security should only be provided if the cost of implementing that security (money, time, convenience) is less than the costs of not implementing it.

    From my perspective, if someone breaks into my account, it's a hassle, but not a huge deal: My account is insured, and I get my money back. I'd rather deal with the inconvenince of this happening once or twice in my lifetime than having to deal with carrying and using a password generator for my entire life.

    From the bank's perspective, it is probably cheaper to lose some money to accounts being compramised than to implement better security across the board. That translates to lower costs (or better interest) for me the customer, which is also nice. I'm fairly confident this is true, because were it better (cheaper, more convenient) to have stronger security, my commercial bank (always wanting to make a buck) would be doing that instead.

    Your house would be more secure if you had bullet-resistent windows, steel-reinforced cross-bar doors, one-time pad electronic access, and 24/7 security guards, but most people the find much "weaker" deadbolt/key combination to be the BETTER solution.
  • Even after what they did to Kevin Flannagan [nomoreh1b.com]?

    I don't trust banks that fire their programmers to hire people working offshore for $2.50/hr- there's just WAY too much potential for abuse there. After all, why would your bank card data be secure, when any one of their offshore programmers can get away with many hundreds of years worth of salary by selling your identity on the black market?
  • In Sweden, there are several system in use. The arguably largest bank, Nordea, uses a combination of printed one-time-pads and personal codes.
  • What about employing retinal scan devices. They can be produced cheaply. My credit card company provides me with a credit card with smart chip and they provided me (free) the smart card reader. They also can provide one-time usage credit card numbers. So if I wish to make a purchase I can get this number, plug it in - it works and is then disabeled... Now another bank that i use SS# and 4 digit pin - freaky --- luckily i do not have much money there and online bill payment is disabeled.
  • by Jaywalk ( 94910 ) on Wednesday June 02, 2004 @04:32PM (#9319526) Homepage
    I long ago gave up on complicated passwords as being too hard to remember and turned to using a simple one. The trick is that I pump it through a process that exists only in the dark recesses of my brain to make a complex password. For example, suppose I want to have an account at First National Bank. My base password is simple: it's "First". Then comes the construction part.

    For example, I dredge up the number 42 (the answer to Life, the Universe and Everything) and some nonsense word. Let's say it's "snert". Pump it through the construction process and I come up with "first47snertt". Not exactly intuitive, but I'm just adding the number of letters in "first" (5) to my number and the last letter ("t") to the end of the nonsense word.

    The result is a pretty strong password. No cracking program is going to have the word in it's dictionary and knowing my password to First National isn't going to tell you that my password to Discover is "discover50snertr". Since "snert" is nonsense anyway, there's no way to tell where the letters come from; you could be sticking the third letter in "Discover" onto the beginning and your nonsense word could be "nertr". There are no rules to how to construct the password, but you want to have an obscure way for the base password to modify the gibberish in the rest so knowing one password will not give you the rest. It saves me the trouble of remembering a lot of strong passwords. Of course, if someone got ahold of several of my passwords and spent enough time on them, they could probably figure out the routine, but that's not as dangerous as using the same password.

    And yes, that's just an example. It's not the process I use to construct my own passwords. Trust me, you don't want to know.

  • Bank of America (Score:3, Interesting)

    by hackstraw ( 262471 ) * on Wednesday June 02, 2004 @04:33PM (#9319530)
    Just plain sucks when it comes to security. Got to http://www.bankofamerica.com [bankofamerica.com]. Notice that its http and not https. Also, now go to https://www.bankofamerica.com [bankofamerica.com], and notice that it kindly redirects you back to the insecure link.

    I use this bank, and I always put in my wrong userid and passwd so that I can enter them on a secure page. If someone is interested in thousands of bank accounts go ahead and register www.bankfoamerica.com or something similar, and mass mail people to make sure their account is correct or whatever. People will follow the link. You can simply grab their info and redirect them to the proper server with little hastle from anyone.

    I've called and told them about this, and they told me that "We are a bank, we take security very seriously, thank you very much". This was when I called them to find out the real balance of my credit card. I had 2 balances with $1,200 difference between them. They told me it was a cache problem in my browser, even thought I used 3 different browsers, under 2 different usernames on my system. They didn't seem to understand that a) https data is not cached between browsers, nor b) https data is not cached between different users. Oh yeah, this is also after they started talking to me about my last purchases on my cc without confirming _any_ form of identification besides my cc number.

    I feel as though I have an OK workaround by putting in the wrong info the 1st time, but if anyone else uses Bank Of America, I would suggest a call to them.
    • Re:Bank of America (Score:4, Informative)

      by emf ( 68407 ) * on Wednesday June 02, 2004 @04:50PM (#9319717)

      Your login/password is sent to an "https" address. It is being sent encrypted. Look at the source and see for yourself.

      You can't really go by what you see in the URL because that is the address you're looking at, not the address that the form data is posted to.

      Most browsers will warn you when you try to send something that's not secure. Most likely you've disabled that warning, as almost everyone does. If you turn it back on, you will notice that the browser won't warn you when you try to login because it is encrypted.

  • Of course, anyone that keeps up with their Cryptogram newsletters [schneier.com] would recognize immediately that, like most things that are described as "one time pads", these are very probably not one time pads [schneier.com]. Quoting from Bruce Schneier's essay from the above linked newsletter:

    So, let me summarize. One-time pads are useless for all but very specialized applications, primarily historical and non-computer. And almost any system that uses a one-time pad is insecure. It will claim to use a one-time pad, but actually u

  • I don't know if they do it anymore, but when Bank of America first started their online banking service (several years ago), they let you enter your 9 digit ID. It was very obvious it was supposed to be (and it defaulted to) your SSN, but I went ahead and made up a random 9 digit number, which together with my 7 digit PIN, makes me feel reasonably secure about anyone getting into my account online. Not that there's any money in it anyways.

    Now I just have to worry about someone with a SSN equal to my ran

  • by SuperKendall ( 25149 ) * on Wednesday June 02, 2004 @04:41PM (#9319624)
    The way American banks make sure that your money is secure is to make the sure the online bank UI is too horrible to really be able to pull off a theft, or really make any use of the money at all.
  • by MagicM ( 85041 ) on Wednesday June 02, 2004 @04:43PM (#9319647)
    Ever since a popular Dutch bank [postbank.nl] started allowing electronic access (initially through dial-up using a modem) some years ago, they have required a user-code, and two passcodes (one picked by the bank, one by the user) to log in.

    Additionally, if you want to transfer any money, you have to input a number from a list they send you through the mail. This list is printed while it's in the envelope (like some US banks do for overdraft statements and such) so no people other than the recipient ever see it. When you get close to using the last number, they send you a new list automatically.

    Since they moved the whole system to the Internet, things are pretty much the same. You can log in and check your balance wherever you are, but you can only transfer money if you have your transfer-code-list with you. To me, this feels like the perfect system; in-your-way security restrictions only on the stuff that really matters.
  • one-time passwords for online banking are a must and where my current bank(ZKB) is one of the 'crappy' ones with a little card with one-time passwords like mentioned in the CNN Story. The nicer ones (UBS) even give you credit-card-size RSA password generator which is combined with a calculator

    But is the one-time pad (plus fixed password) used by ZKB really any less secure than the UBS calculator? The one-time pad sheet is easier to carry around than the calculator.

    By the way, the bank you call 'crappy' (Z

  • Is having password fields that are too picky. Some won't take a % for example.

    And Windows 2003 complained that @bob&bob$ *! was too simple a password because it didn't contain a number.

    Enter your new password: ****
    Sorry, not long enough.
    Enter your new password: *******
    Sorry, no numerals.
    Enter your new password: *******
    Sorry, no non-alphanumeric characters allowed.
    Enter your new password: **************
    Sorry, max password is 13 characters.
    Enter your new password:

  • by igrp ( 732252 ) on Wednesday June 02, 2004 @04:54PM (#9319757)
    HBCI [openhbci.de] yet. HBCI is an open standard that's widely deployed throughout Europe (at least as far as I can tell). It incorporates encryption through OpenSSL and its source code is readily available [sourceforge.net] on Sourceforge.
  • by j-turkey ( 187775 ) on Wednesday June 02, 2004 @05:08PM (#9319903) Homepage

    I hate to be a pain in the ass about semantics, but the article headline is a bit misleading. It states One-Time Pads To Protect Electronic Bank Access. The article is about one-time passwords. I'm no crypto expert, but I've done my fair share of reading. A one-time pad is the closest thing available to perfect, unbreakable encryption. The idea is that two pads are generated of completely randomly generated characters, one is used to encrypt the characters (via modulo divide/add/xor, whatever) and immediately destroyed. The other is used to decrypt the message. As long as the pads contain truly random numbers, and they are never reused or recovered, the encryption will never be broken (because the cyphertext is a completely random string of characters).

    A one-time password, while usually a pretty good key, is just not the same -- especially if we're talking a 64-bit key with a known encryption scheme. It can be very good, but never even close to the former.

    Anyway, like I said earlier I'm not a cryptographer, but a enthusiast (at one time)...but I found that the header in the article was misleading.

  • Swedish banks (Score:3, Informative)

    by MC68040 ( 462186 ) <henricNO@SPAMdigital-bless.com> on Wednesday June 02, 2004 @06:14PM (#9320425) Homepage
    Actually,

    If you use the swedish bank "Sparbanken" (one of the largest) you got your own RSA half-creditcard sized code generator. You enter your social security id (birthdate with 4 unique digits attached) to the bank to give the basic identification and the bank gives back a 9 digit code you enter into your RSA code generator (after entering a 4 digit access PIN code) and then get another 9 digit code that you enter into the browser to the bank.

    It might sound like a lot of work, but it really goes in less than 30 seconds in most cases. Plus, you do the same procedure (get code enter code in rsa device, enter in browser to bank) everytime you want to pay a bill. Although you can stack up 20-30 payments or more and sign them just once, so it's not a procedure that really bothers anyone.

    And of course all the communication is over https/ssl and all.

    Just to give some more details on how it works :)

  • by JustAnotherReader ( 470464 ) on Wednesday June 02, 2004 @06:32PM (#9320563)
    Are there banks which are better than the ones mentioned above?

    Yep, I'm a programmer for one of them.

    First of all, your login to our on-line banking system is a randomly generated unique 8 digit number. It's on your ATM card and it's your user ID number for the bank. You also have to remember your 6 digit PIN. But what if you forget your PIN? Well we can't give it to you. Why, because we use one half of a public private key encryption to save only the encrypted version of your PIN. And just to be safe we throw away the private key so even WE can't see what your PIN is. If we ever get hacked (and people try but they've never gotten through. And yes, we've caught them and put them in jail) in any case, if we ever do get hacked they can only see the encrypted version of your PIN and the private key to decrypt them is nowhere to be found.

    So you forget your PIN. How do you get a new one? You call us and verify who you are via at least 2 or 3 different ways (I won't tell you how). Then we mail you (yes, snail mail) a new temp PIN to the address your checking account goes to. You can log in ONCE with that temp pin and you are required to change your password after the first login. By the way, if you log in 3 times incorrectly then we lock your account and notify people in the bank that this may be a hack attempt. Good thing we also log the IP address each of those login attempts were coming from.

    By the way, when you first signed up you gave us a secret question like "When dad bought that farm in Kentucky he also bought some cattle. What was the name of the first cow that he bought?" You wrote the question yourself which makes it even harder for a hacker to guess what that question is. And when you applied for on-line access you gave us the answer "Matilda". That answer is also encrypted with a one way public-but-no-private-key on our servers. So when you log in with your temp password we're going to ask you the question that only you know the answer to.

    I havn't even gotten to physical security. Believe me, don't even try to physically get to our servers, or even to the printers that print your statements. That is, if you could even find the buildings (There are no signs on teh building that say who we are) Add to that triple redundent servers and databases that are located in physically different locations over 200 miles apart so even a terrorist attack on one city won't destroy your bank records. AND those records are backed up and stored in yet another physical location.

    And I could talk about all the auditing that the SEC does on us to make sure that our systems are secure, our data is redundently backed up, failover systems work and so on.

    So yes, most banks have far more security than you can imagine. You may feel safe again.

  • by jedrek ( 79264 ) on Wednesday June 02, 2004 @06:46PM (#9320639) Homepage
    Two areas where the USA is just out in left field, cellular services and banking. The first one has stopped suprising me, the second one blew me away. I consider my country (Poland) to be backwards, especially when it comes to commercial services - like banking. It's not.

    Not only does my bank use one time passwords, the card they're on is a scratch-off card. This gives me 2 additional levels of protection. Not only does it prevent someone from peeking at my card, but it let's me verify that I made each transaction. I don't need to keep track of the last number I used, it keeps track for me. And I don't need the card unless I'm actually moving money around - all I need is my login and password.

    The web interface on my bank is incredible - I can check on all transactions since I opened the account.I can set up sub-accts on the fly, issue debit cards to each of them, and my debit card works great online - so I can keep track of those internet purchases. Between-bank money transfers take a max of 1 day, usually same-day if I make it before 17.30, transfers within my bank are instantaneous - really handy for lending my brother some money *fast*.

    And the icing on the cake, the thing that made me go to this bank - instant text-message updates on my current account. I get a transfer - I get an SMS, I buy something - I get an SMS. It's incredibly fast (I usually get the SMS before they hand me the reciept to sign) and incredibly useful. I know how much money I have, how much money I spent that day. It really helps to stem the spending sprees that plastic seems to lend itself to.

    And all this, from my local, Polish bank.
  • by gweihir ( 88907 ) on Wednesday June 02, 2004 @06:54PM (#9320726)
    That is only if the key is random and as long as the message and used only once via XPOR. One-time passwords are something entirely different end infinitely more insecure, given that one-time pads are the most secure possible encryption method.

    Somebody (the createo od the title) is obviously shaky on crypto.
  • by davburns ( 49244 ) <davburns+slashdot@@@gmail...com> on Wednesday June 02, 2004 @08:34PM (#9321514) Journal
    If money is stolen from a bank account, it is the bank that looses the money. (The account holder has a hasle factor, though.) The banks pay for security (including education of users.) The point of good security is to reduce the losses due to theft/fraud. Banks don't need to eliminate these losses -- just reduce them enough so they don't eat up profits too much. How much they spend to reduce theft/fraud is simply a buisiness decission for the bank.

    If I speculate about the causes of the differences (from country to country) of bank security, I think about the following:

    • Maybe American users are dumber than other peoples of the world. (I prefer to think we're about the same. But maybe I'm dumb.)
    • Maybe in places other than the USA, it's the depositor that takes the loss. That means the depositor would want the bank to spend more of its money to provide better security. (BUT that really means that USA banks are providing more secure service, even though they use worse security. How odd!)
    • Maybe there's more theft and fraud in places where there's better security. That might be because of differing severity of punishment for non-violent crimes.
    • Maybe the USA rolled out ATMs and credit card readers earlier than some other places, and we're now stuck with what works good enough. Places that rolled out readers and machines later did so with newer, better technology.
  • It's just in the US. (Score:5, Informative)

    by jwr ( 20994 ) on Wednesday June 02, 2004 @09:04PM (#9321698) Homepage
    It's just a US thing. Banks in the USA are for some reason stuck in the 80's.

    All the banks I use in Poland provide one-time passwords for anything important. There are no checks in use, but you can use electronic money transfers to pay for just about anything (this is being introduced as "BillPay" in the US and advertised as big news).

    I guess the US was first to develop a mature banking industry with credit cards and checks. This has worked so well (back in the 70's) that banks were not under pressure to innovate.
  • Effectiveness (Score:3, Interesting)

    by Anonymous Coward on Wednesday June 02, 2004 @09:12PM (#9321740)
    As I understand it, most of these 'phishing' type things rely on getting someone to log into a web site which looks like their online banking system but isn't. I'd immagine they often get around the SSL problems by just not using SSL - most people won't read the url or notice the little padlock icon or whatever not being there.

    Say someone has created such a site - what prevents them from harvesting one time passwords or even challenge/response data this way and using them for fraud immediately? Say the user tries to perform a transfer on the fake interface, provides their transaction number or challenge/response token - the fraudster just uses these details straight away on the real site. The keys they've stolen are fully valid as far as I can see - even the timed challenge/response, if they use it quickly enough. The user would eventually notice that their transaction never happened, but by then they've been robbed. Am I missing something?
  • Sloppy reporting. (Score:4, Informative)

    by Eivind ( 15695 ) <eivindorama@gmail.com> on Thursday June 03, 2004 @01:53AM (#9323073) Homepage
    ..But then this is slashdot.

    A one-time-pad is in no way the same as a one-time-password. The only thing common between the two is that they're both used only once.

    A one-time-pad is a random string as long as the message you want to send, shared between sender and recipient. The sender encrypts the message by xoring with the one-time-pad and the recipient decrypts by doing xoring the ciphertext with his copy of the one-time-pad. The pads must then never be used again, and must be securely destructed to prevent people who have a copy of the ciphertext from getting hold of them. Unconditionally secure, but often impractical due to the key-handling issues.

    A one-time-password, like those Banks here in Europe typically either issue to you on a sheet of 50, or in the form of a calculator-like device that generate them from the current time, a secret pin and a cryptographic hash serves a quite different purpose;

    The idea is that if you force people to have long, complicated passwords, then they either write them down, use the same password on multiple sites, or both.

    By using an additional one-time password, the bank makes sure that there's *two* things identifying the user logging in. One, the user knows the secret pin. (which is typically simple 4-digit or so.) and two, the user is in posession of the sheet-of-codes/calculator-thingie.

    Increases security quite a bit, because it's no longer a threat if someone for example hacks the users computer and installs a keylogger or similar device. Sure that attacker will then learn the pin, but the attacker will then *also* need to break into the house of the victim or otherwise acquire the list of one-time-passwords. So at the very least you've eliminated the large group of attackers which have no physical proximity to the victim.

You know you've landed gear-up when it takes full power to taxi.

Working...