|
|
|
|
|
|
by cuu508
2310 days ago
|
|
|
If your bank is in EU, you can ask them to look into this EU regulation about strong authentication methods: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A... > Dynamic linking is possible through the generation of authentication codes which is subject to a set of strict security requirements. To remain technologically neutral a specific technology for the implementation of authentication codes should not be required. Therefore authentication codes should be based on solutions such as generating and validating one-time passwords, digital signatures or other cryptographically underpinned validity assertions using keys or cryptographic material stored in the authentication elements, as long as the security requirements are fulfilled. My bank (Swedbank Latvia) used this regulation as a pretext for removing authentication via passwords + code cards. They didn't do too well on the "technologically neutral" part though – you now have to use proprietary software or hardware to authenticate :-/ |
|
|