The best answers are voted up and rise to the top. Stack Overflow for Teams — Collaborate and share knowledge with a private group. Create a free Team What is Teams? Learn more.
Ask Question. Asked 9 years ago. Active 1 year, 9 months ago. Viewed 60k times. How does the bank know the code is genuine? Improve this question.
DisgruntledGoat DisgruntledGoat 1 1 gold badge 4 4 silver badges 9 9 bronze badges. Do you put your card in it? Or there is a serial number on it you gave to the bank so they know what the PRNG is seeded to? They look similar but work it different ways. Server runs same algorithm and verifies answers match. From the latter it seems to be generating codes depending on real time. Add a comment.
Active Oldest Votes. There are two standard ways to build such a device: Time-based. Improve this answer. The input x will progress in a defined way and produce modular output. Given appropriately large coefficients on each term, the cracking such a sequence becomes akin to a semiprime integer factorisation. Furthermore, it allows the sequence to recover in cases where a large number of skipped entries are used, without resorting to brute-force. Polynomial, I confess you lost me. I hadn't heard of anything like that being used in this context, and I'm skeptical whether it would be secure, but I'll withhold judgement until I see the details.
Do you have a pointer to a more detailed explanation? I'm not familiar with that kind of thing used in this context, but I'd be interested to learn more if you can suggest any readings with more information. I don't have a direct reference to anything like that off the top of my head - the technique has a real name which eludes me at the moment.
Think of its security model as an extension of RSA's - modular exponentiation of large values. The only major difference here is that a sequence is produced with properties that allow full coefficient recovery if you know a partial set of coefficients and a number of points on the curve. Polynomial, if you are talking about secret sharing, I don't think it has any relevance here as far as I know. Are you sure it is used in this context? If you have any citations that indicate that secret sharing techniques are being used to generate the sequence of random values from hardware tokens, please do share the citation or pointer -- I'd be very interested -- but lacking that, I'm pretty skeptical.
It's definitely not 2, my accounts would have locked me out a long time ago if it was. Show 6 more comments. Moshe Katz 1, 1 1 gold badge 11 11 silver badges 17 17 bronze badges. Fearmonger Fearmonger 2 2 bronze badges. The link above does not work anymore. I presume it's now openauthentication. Looks to me like both your link and the link in the original post now redirect to a third location.
In short, here is what happens: The bank programs the token with a unique encryption key. The Overflow Blog. Does ES6 make JavaScript frameworks obsolete? Podcast Do polyglots have an edge when it comes to mastering programming Featured on Meta. Now live: A fully responsive profile.
Antivirus can find only those viruses, which are known to him and, if after scanning the antivirus has not fixed anything, it does not mean, that the viruses are missing. It is advisable to renew antivirus data basis as often as possible.
Control the computer program, used for the performance of electronic services on regular basis:. When starting work with the code generator, it is necessary to enter the 5-digit PIN-code. In order to achieve the maximal security level in work with Multinet www.
Very often the reason, why the unauthorized person has the access to your computer is insufficient password security. To avoid it you should: Use the word combinations, special symbols, etc. For your computer security use the following programmes: Firewall , Spyware and Antivirus. Some spyware programs: Spyware Doctor 6 for Windows Anti-Spyware Antivirus programs Antivirus — the program, which recognizes and removes the computer viruses.
Useful web sites: Kaspersky Lab - www. Practical recommendations Computer security Control the computer program, used for the performance of electronic services on regular basis: Follow up, who uses your computer, Use the screensaver with password during your absence, Use several computer information protection means — access passwords, newest internet protection tools and regularly renew the browsers, regularly renew antivirus programs.
Security solutions offered by the bank Use the day limits — if they are exceeded there must be performed the additional authorization notice to the bank, it is advisable to the users to use also the double authorization of the transaction. Use the identification means of the higher security level — code calculators, where the generated codes are valid for certain term and are not repeated.
Use the possibility offered by the bank to recall the client, if the payment sum exceeds the stated limit. Control the finance movement on the accounts Control your balance of the account and the information about the transactions in the bank on regular basis.
Use the possibility to receive the message SMS about the performed transactions by help of mobile bank.
0コメント