Banks Getting Serious About Security
What they are saying is that users on banks' systems must provide two forms of identity - one the users know -Username/PIN - and one they have which is something physical like a Secure ID, token, or other unique identifier that is tied to a piece of infrastructure.
Having just met with a regional midwestern bank yesterday, I discussed the solution offered by Trusted Network Technology where a driver is pushed out to any device (computer, ATM, etc.) using Zen Works, Tivoli, etc. and this driver (unknown, undetectable, and unalterable by a user) is planted on their device and based on the access defined by a role in a directory. In other words, this can be rolled out, solve the problem and be done very quickly (one install I know of took 2 hours).
I should probably mention that I am not a paid pitch man of TNT's however the technology they have created is fantastic, and this view is based on a deployment that my company did 3 weeks ago, and feedback received in meetings.
If you are a bank looking at solutions, you owe it to your management, board, and most importantly customers who are concerened with security and protection of personal information.