Banks Getting Serious About Security Part II

So I was exchanging emails with the AP reporter who wrote the article, Brian Bergstein, and we were discussing that while this is a noble and worthwhile cause, the biggest hurdle will be the savviness of the online banking user. Granted they are probably pretty savvy to begin with to even be online in the first place, but will they be savvy, and perhaps more importantly motivated, to participate in this two factor authentication initiative.

One thought I had to approach on this was if the banks limit the FULL access to account transactions (read/write) to one device or machine (work or home as an example) then it could be easier to manage since there are ways to positively identify a specific machine and control access to network resources. The second part of this approach is that anyone could get READ access, or review level access to see balances and transaction histories but execute no transactions (transfers, withdrawls, trades, etc.) from any other machine.

This may be the happy medium, at least as far as approach goes. I mean I really can't see banks spending money on mailing a token to their banking customers for cost of token and tech support alone, let alone the expertise of the user on how it all works. And you know that cost is passed onto us the consumer anyway, and since I am in a position to try to help keep costs down, this is my feeble attempt at helping the banking system.

MM