|
|
Post by Orac on Nov 6, 2023 8:08:48 GMT
The bank could hold a 2nd password you can set at will and is visible to bank employees.
If the bank calls you, you reset the password during the call and ask the employee to retrieve the revised version.
This will nearly "100%" verify that the person calling you has real time access to the bank's system. The only other possibility would be that your update transmission was intercepted (ie you were completely compromised)
|
|
|
|
Post by steppenwolf on Nov 6, 2023 8:16:41 GMT
Zanygame said: "Precisely, so they store it safely, just as they could their own password for me. No difference." I knew this would be difficult. The difference between the bank identifying you as a valid caller (case 1) and you identifying the bank as a valid caller (case 2) is that: Case 1: You provide the bank with the two letters (that you have memorised) and they're sent off to the security machine and the security machine replies with correct or incorrect (nothing more) Case 2: You ask the bank to provide the two letters. The bank can't memorise the password except by storing it on the database. And it HAS to be held encrypted on the database or any hacker can find it. So the bank has to decrypt your password in order to give you the two letters. So your security has been completely compromised. Your problem is to be able to store the bank's password securely and still be able to supply a selection of letters to the client. If there's a simple way of doing that then I suggest the bank would be doing it already. Hi Steppen. Yes I got that. I even proffered a solution. I agree with John, it could be done relatively easily. I am more interested in solutions for the problem of how my bank identifies itself to me. That's what I'm talking about. As usual you don't even understand the problem. |
|
|
|
Post by steppenwolf on Nov 6, 2023 8:28:48 GMT
Because the idea of a password/PIN is that you never write it down. So the password/PIN that you're given by the bank is given to you once in secure letter and you're meant to memorise it and destroy it. The bank itself doesn't keep that data in any recognisable form. It's held in a security machine encrypted under a master key, that again no one knows because it's made up of several parts that are input by several people. And there is no function to generate that data in the clear. All you can ever do is present the security machine with the whole PIN (encrypted under your own transmission key) and ask it if it's right. Maybe there is a way of doing what you want, but I can't think of one. Plainly "Stuart" must not know your PIN (or "bank-PIN"), so he must have a way of decrypting secure data held on the bank's database. But that's a No-no. Stuart could very easily find out your "bank-PIN" and that's an invitation to fraud. In reality the utility companies already do something similar for people considered particularly vulnerable. Callers to homes of blind people for example. The customer sets a password in their customer records which they can indeed change as often as they like, after every visit for example, and the engineer / meter reader / whatever gives the said password at the door. So the process already exists for companies dealing with the public in their homes. The question is why don't companies that call you offer the same. It would be trivial for me to add this feature to our bank’s customer database and audit by database trigger all access to that data field including device / account etc. Yes **I** and a handful of the system designers with god and demigod database access COULD access that area AND erase the audit log but the erasure itself would be recorded and flagged. I can’t create a perfect system but i can have a damn good go This is not secure. It may be secure enough for the purposes of these companies but not for banks. There are certain fundamental principles that have to be adhered to. Any password/PIN that's held on their database has to be encrypted in such a way that no one can decrypt it - even if they have free access to the bank's computer and security system. |
|
|
|
Post by zanygame on Nov 6, 2023 19:50:05 GMT
The bank could hold a 2nd password you can set at will and is visible to bank employees. If the bank calls you, you reset the password during the call and ask the employee to retrieve the revised version. This will nearly "100%" verify that the person calling you has real time access to the bank's system. The only other possibility would be that your update transmission was intercepted (ie you were completely compromised) I like this. Only problem is if you are not somewhere you can access your bank. But then that also means the scammers can't get to it either.  |
|
|
|
Post by steppenwolf on Nov 7, 2023 7:37:27 GMT
You can't have any password/PIN that's visible (i.e. in the clear) on the database. And passwords/PINs can only be changed over a secure network where they're encrypted under a secure transmission key - and are then encrypted on the database under a master key only known to the security machine. Banks are responsible for holding vast amounts of money safely. They're up against very clever hackers who can easily hack into any bank system, so they have to be secure even if people have hacked in. There are also a large number of technicians who maintain the bank's system. If you have systems that keep passwords/PINs in the clear or security machines that allow decryption of this data you'd be cleaned out in days.
|
|
|
|
Post by zanygame on Nov 7, 2023 7:46:23 GMT
You can't have any password/PIN that's visible (i.e. in the clear) on the database. And passwords/PINs can only be changed over a secure network where they're encrypted under a secure transmission key - and are then encrypted on the database under a master key only known to the security machine. Banks are responsible for holding vast amounts of money safely. They're up against very clever hackers who can easily hack into any bank system, so they have to be secure even if people have hacked in. There are also a large number of technicians who maintain the bank's system. If you have systems that keep passwords/PINs in the clear or security machines that allow decryption of this data you'd be cleaned out in days. Any alternatives beyond 'Computer says no? ' |
|
|
|
Post by steppenwolf on Nov 7, 2023 14:00:43 GMT
As I said, if there were a simple and safe way of doing this the banks would already have done it.
|
|
