In a follow up to the earlier announcement from Barclays, David on Zdnet questions if consumers will accept the solution. I agree with that assessment.
Are you supposed to bring a bulky card reader with you everywhere you go? In contrast, RSA makes versions of its securID solution that fit on your keychain. Think I’m crazy about the sort of mobility that people want out of their online banking?
As I earlier noted:
Relevance to Bankwatch:
While this will buy some time, it remains to be seen if its a complete solution. Meantime its an expensive gamble to issue and support the tokens. The security infrastructure that supports the tokens is expensive.
There is a space for devices that support smart card authentication, and that provides clear ‘something you have’ characteristics. But I remain convinced this is not a mass solution.
Finally David notes an intersting anecdote from Target, the US retailer, and their failed attempt.
To boot, card reading solutions as a means for securing online transactions have not been met with consumer enthusiasm. Way back in 2001, Target (the retailer) announced that it would be issuing card readers (like this Target-branded one on saleTarget-branded “smart Visa Cards” to help secure payments (card readers ensure that the end-user actually has a card as opposed to just the card number). But, by 2004, the entire smart card program was failing so miserably that Target pulled the plug on the whole thing.
Technorati Tags: security, smart+cards, two+factor+authentication
Bankwatch 