Bank Security Sucks

Why is it, I can get a security key fob from PayPal for a mere $5, but not from my credit card company or bank? PassMark seems to be the latest craze of banks in an attempt to look more secure. It doesn’t work. Online security still seriously sucks. 96.66% fell for phishing according to Harvard and MIT just a few months ago. Interestingly both of those links reference the same bank (Bank of America), though they aren’t the only ones.

And I’m supposed to believe RFID enabled credit cards aren’t trouble? I think not. I’ll wait until the technology has been proven a bit more. Swiping the card really isn’t that hard. I find it to be a good workout. For the security of knowing my wallet is a good security device, I don’t mind the inconvenience. When they can prove it’s secure I’ll switch. I doubt that will be for a while.

I wonder how long until financial institutions start taking security to the next level. I’m confident they will be pushed to do so at some point. I’m just wondering what the catalyst for change will be. I’m guessing some more alarming statistics. I really want to see hardware based two-factor authentication the defacto standard in all banking systems. If PayPal can do it for $5 per user, I think the rest can manage to offer it. It’s not perfect, it doesn’t cover every type of attack, but it’s the single best enhancement over a good password. You do have a good password right?

[Hat Tip: The Consumerist]

PayPal Security Enhancement

For $5 you will be able to get a little better security with a PayPal SecurID. That’s not a bad idea. I very rarely use PayPal (mainly when some sort of discount/promotion is available), but I’d still get one, just for the added safety.

I wish banks would hurry up and make it standard across the board. A good password is still important, but two-factor authentication like this is a big step in defeating Phishing.

eBay Blocks Google Checkout

I had just finished writing up some code to implement PayPal into a billing system, when Google launched “Google Checkout”. While reading up on the implementation guide, I was wondering how long until eBay felt threatened by it. PayPal is extremely stagnant. It doesn’t handle many of the cool things Google Checkout can (PayPal cart is virtually useless).

Well, I have my answer. eBay decided to just block it. Rather lame. This will either up being settled very quickly, or end up in court.

I guess my next question “can they standardize the interfaces so programming to use a service is just a matter of a new url?” is something I can answer myself.

Ebay Buys Skype

Please oh please don’t ruin it like you did PayPals. Well, the news is out, eBay is going to buy Skype. For some reason, I have this belief that eBay will either stop letting it continue development (like PayPals seems somewhat frozen in time), or just start crippling it so people use the pay service (which I won’t). Would have been great if Google bought them, which I’ve been hoping for a while.

Katrina Relief Online

I’ve been compiling a little list of some ways you can help online. There is a lot going on, so if you find one I haven’t mentioned, leave a comment so I can add it.

  • Flickr Auction – the popular photo sharing site is holding an auction for prints of some donated photo’s. There’s quite a few reflecting some very talented people. If you’ve got some space for a photo and want to help out, this is a great way.
  • eBay is using PayPals to collect money for United Way.
  • Amazon is collecting through it’s “Honor System” making it easy to donate to the Red Cross through your Amazon.com account. Google is pointing to this.
  • Yahoo is also collecting for the Red Cross through it’s website.
  • MSN (Microsoft) is collecting money for the Red Cross.
  • Apple made it easy to donate through it’s iTunes service (link opens in iTunes).
  • Comcast notes a dozen charities which you can donate to (some accept online, some don’t).
  • WritersCafe.net has been pushed rather extensively by Fark.com
  • Major League Baseball (MLB) will be holding collections on September 7th (or a day of a teams choosing for teams away on that day).
  • AOL is linking to a bunch of charities through NetworkForGood.com.

Feel free to add.