|
by Commander Tansin A. Darcos 08/04/2014, 1:48pm PDT |
|
 |
|
 |
|
I have both a personal and corporate checking account from Citibank (the personal account is free when you open a corporate account), and one of the things Citibank does, to prevent fraud, you can't access your (corporate) account on-line without using the device they send you. It's about half the size of a credit card, and has 12 buttons on it and an LCD display similar to a tiny calculator, although I don't know why it has them since the only button you ever use is the on-off button. It has a ring on a short (2") chain so you can hook it on your keychain. I just leave it in front of my computer.
So when you log onto your account, you give the username, password, plus a 6-digit code you get by turning on the dongle and punching in the number it gives you. This number changes either every time you turn it on or probably every 15-60 seconds. So every time you log on to Citibank's website, you give a different identifier code.
This essentially makes scam websites or even keyloggers impossible to use as a method to steal money because the code has to match what the dongle generates for that particular minute or however often the code changes. Replay attempts won't work. I can understand the idea behind it, and it's only an inconvenience for the extra 5 seconds it takes to enter the extra code. It's not a whole lot of trouble and provides a lot of security.
|
|
 |
|
 |
|
|
|
