Co-op Bank and Verified by Visa
Ian Batten
igb at batten.eu.org
Thu Jun 18 14:13:47 BST 2009
On 18 Jun 09, at 1312, Nicholas Bohm wrote:
> In my experience the Verified by Visa and Mastercard SecureCode sites
> show me a memorable phrase of my own choosing (set at registration)
> as a
> form of authentication. Weak but better than nothing; and my bank
> (Coutts) allows me to use a password for these sites which is not the
> same as anything I use elsewhere. So these are grounds on which you
> might challenge the Co-op's implementation.
Same for Lloyds TSB. And the initial sign-up site I was first
redirected to was within the lloydstsb.co.uk domain and had
appropriate certificates that matched the URL. You set a distinct
password, and you set a greeting message of your choice, which they
should tell you to make very personal but don't. You can change that,
and you can get a list of all transactions. Branded as clicksafe and
seems to have been well thought through. It works for both Mastercard
and Visa off the same infrastructure.
http://www.lloydstsb.com/clicksafe.asp
ian
More information about the ukcrypto
mailing list