FYI: Trusted Reviews | Visa Revamps Humble Credit Card.
Igor Mozolevsky
ukcrypto at chiark.greenend.org.uk
Wed, 12 Nov 2008 17:15:33 +0000
2008/11/12 Paul Vigay <ukcrypto@vigay.com>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> In article <1538324982.20081112131342@originalthinktank.org.uk>,
> Chris Salter <ukcrypto@originalthinktank.org.uk> wrote:
>> As the photos conveniently give away, the new card incorporates a 12
>> digit keypad and display on the back and a very simple system: key in
>> your pin and generate your one-time security code - goodbye terrifying
>> permanent number."
>
> But presumably the security is only as strong as the weakest link in the
> chain. Even though it generates a one-time security code, if the PIN is
> compromised, then a hacker could generate the one-time security code too.
>
> It still doesn't improve upon the human error of inadvertently revealing
> your PIN to a dishonest third-party.
SberBank in Russia has gone one step further - you must use VbV to
make online purchases, their VbV uses one time pads, which you need to
acquire from an ATM. The slip that the ATM issues you has a ticket
number and ten keys, you can obviously get more than one slip with
keys.
Cheers,
Igor :-)