Advertisement
Promo

Security management Toolkit

In association with HP

Talkback

Post a comment


Story: PayPal fights fraud with password key fob

  • Previous comment

Posted by: 1000238202 (Friday 12 January 2007, 11:28 AM)

  • Reply

False Security

The issue with this is that it still doesn't stop a fraudulent site collecting the username and password AND the OTP number. The hacker could then still use this to log into PayPal within the next 30 seconds.

The user would just assume they'd entered something wrong and try again, this time being directed to the real site.

Once the hacker is logged in they can then do what they want.

A stronger solution would have been to add the requirement for the OTP not as an additional log on requirement but whenever a money transfer is made.

View complete profile

Private message disabled

View all posts

Nick

Nick
UK
Member since: December 2005

Site Activity Rating:

1

 


  • Previous comment

  • Reply to this comment
  • Return to story
  • Report this as offensive


Full Talkback thread

More In Security management



Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Featured Talkback

In association with Network Liberation Movement
It seems to me this is a burden being placed on the wrong shoulders. There is not an It system in the world that can stop an individual taking information in their heads and spewing out at the nearest undesirable third party.

By: RonaldWilkins

Read full story:
Deloitte: People are still weakest security link


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters