Phoning in your ID

This is a very clever idea and I'm not sure why the wireless carriers didn't think of it way earlier. [My ebulliance I'll temper, waiting for the inevitable "gotcha". Still . . .] Apparently, according to his story from down-under in the Globe & Mail (ID double-check systems stymie on-line thieves), a bank in New Zealand has figured out how to use a mobile phone to implement a two-factor authentication for online and other digital transactions. Cool. Here's the snip:

ASB [the bank's] customers enter their on-line banking user name and password as usual, but then automatically receive a text message or e-mail on their mobile phone containing a second one-time password (their cellphone information is kept on file for this purpose). The second password or "mobile token" must be used within three minutes to access the bank's website.

Posted by Grayson at April 28, 2005 07:43 AM