[thelist] Keylogging and pin entry fields (and an attempt at a clean solution)

Shawn K. Quinn skquinn at speakeasy.net
Thu Nov 24 13:10:13 CST 2005


On Wed, 2005-11-23 at 20:30 +0000, Christian Heilmann wrote:
> The reason (not marketing as I originally thought): Keylogging
> software that might record the pins users enter. Therefore as a safety
> measure the pin pad was requested.

Any software that can log keystrokes can potentially capture screen
output and network traffic as well, so the security gained by this
approach is limited.

I'm honestly surprised more banks don't use one-time password schemes.

-- 
Shawn K. Quinn <skquinn at speakeasy.net>




More information about the thelist mailing list