{"id":6357,"date":"2017-03-03T13:57:35","date_gmt":"2017-03-03T05:57:35","guid":{"rendered":"http:\/\/staging.bankvaultonline.com\/?p=6357"},"modified":"2017-03-03T13:57:35","modified_gmt":"2017-03-03T05:57:35","slug":"banking-fobs-sms-texts-create-false-sense-security","status":"publish","type":"post","link":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/","title":{"rendered":"Banking Fobs and SMS texts create a false sense of security"},"content":{"rendered":"<p>Two-factor authentication (2FA) was developed decades ago as a solution to the eternally frustrating problem of verifying who you are to an automated online system\u2014like online banking.<\/p>\n<p>Logging on or, more precisely, authentication, can be done many different ways\u2014with passwords the most familiar. But, passwords can be stolen or guessed, and we humans are easily fooled into giving them away to scammers, so the two-factor approach is popular because it improves on this by requiring a second, different type of proof as part of the process. Two login steps are better than one.<\/p>\n<p>Most of us are comfortable using SMS codes sent to our mobile phones, but there are many other examples around such as synchronised key fobs, fingerprinting, USBs and even voice recognition. Proving who you are is made stronger by adding the second factor, but this has led many people to have a false sense that this somehow means they \u2018are secure\u2019 only because we can\u2019t imagine how a hacker could possibly access something we physically hold, like the banking Fob device or our mobile phone.<\/p>\n<p>In every cyber heist the banking Fob or SMS text message carrying a one-time-passcode was either bypassed or defeated.<\/p>\n<p>There\u2019s a lot more to security\u2014there\u2019s even a lot more (technically speaking) to logging on than just double checking it\u2019s really you. 2FA only really addresses that first authentication part of the process of interacting with a website, which is just one part of a bigger security concern you need to be addressing.<\/p>\n<p><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/staging.bankvaultonline.com\/wp-content\/uploads\/2017\/03\/ME_188_HelmetSecurity-640x199.png\" alt=\"2FA, 2 factor authentication, online banking - BankVault\" width=\"640\" height=\"199\" class=\"aligncenter size-full wp-image-6358\" \/><\/p>\n<p>The false sense of security created by 2FA is, of course, entirely understandable because it\u2019s really hard for most of us to grasp the technical complexities of how a human using a computer actually logs on to a banking website and manages their money online. It is a multi-layered process with many technical elements to keep secure: the communications connection your computer makes with the banking website, the typing of your password on your keyboard, the encryption of information and its transmission through the internet to the host servers, the processing and response back to your computer, and even what you eventually see on your screen.<\/p>\n<p>Hackers consider all of the steps in your security chain and are continually evolving new techniques. For example: <a href=\"https:\/\/staging.bankvaultonline.com\/news\/security-news\/phone-hacking-sms-security-codes-so-unsafe-they-will-be-banned\/\">60 Minutes<\/a> ran a story on a little electronic device that allows anyone to listen in to your mobile phone and receive your text messages. They used this onscreen to hack Nick Xenaphon\u2019s phone live from Berlin. Hacker\u2019s no longer need to impersonate their victim to access the SMS text from the bank. A new hacking technique called Man-in-the-Browser is where the hacker is literally in your browser while you\u2019re performing banking and can change account details, amounts, and even control how these are echoed and displayed on screen.<\/p>\n<p>2FA is certainly an improvement to the logon part of the security problem, but not a solution to security online. The most vulnerable point in any online system is you, your computer and your network. The bank at the other end of the internet can\u2019t secure your part of that information exchange.<\/p>\n<p>There are new technologies coming in now which promise a higher level of security. One of the most basic techniques you can do for yourself is have a dedicated laptop not used for anything other than banking. A commercial example of this is <a href=\"https:\/\/www.bankvaultonline.com\">BankVaultOnline.com<\/a> which essentially guarantees a pristine new computer without any history is created each login. You continue to use your banking Fob or SMS text as normal but using this system it makes it impossible for hackers to ever get your login details to begin with. It secures online banking and other critically important transactions.<\/p>\n<p>2FA and dual-2FA has raised the bar against attackers and it should definitely be used. But don\u2019t make the mistake of thinking 2FA is impenetrable just because you can\u2019t imagine how hackers defeat it. You can\u2019t imagine how a magician saws a lady in half either but once you know the trick it\u2019s normally quite simple.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Two-factor authentication (2FA) was developed decades ago as a solution to the eternally frustrating problem of verifying who you are to an automated online system\u2014like online banking. Logging on or, more precisely, authentication, can be done many different ways\u2014with passwords the most familiar. But, passwords can be stolen or guessed, and we humans are easily [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":6359,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[37,15],"tags":[22,44,68,250],"class_list":["post-6357","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-news","category-news","tag-2-factor-authentication","tag-internet-security","tag-multi-factor-authentication","tag-online-banking-theft"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Banking Fobs and SMS texts create a false sense of security - BankVault<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Banking Fobs and SMS texts create a false sense of security - BankVault\" \/>\n<meta property=\"og:description\" content=\"Two-factor authentication (2FA) was developed decades ago as a solution to the eternally frustrating problem of verifying who you are to an automated online system\u2014like online banking. Logging on or, more precisely, authentication, can be done many different ways\u2014with passwords the most familiar. But, passwords can be stolen or guessed, and we humans are easily [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/\" \/>\n<meta property=\"og:site_name\" content=\"BankVault\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/BankVaultOnline\/\" \/>\n<meta property=\"article:published_time\" content=\"2017-03-03T05:57:35+00:00\" \/>\n<meta name=\"author\" content=\"BankVault\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@bankvaultonline\" \/>\n<meta name=\"twitter:site\" content=\"@bankvaultonline\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"BankVault\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Banking Fobs and SMS texts create a false sense of security - BankVault","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/","og_locale":"en_US","og_type":"article","og_title":"Banking Fobs and SMS texts create a false sense of security - BankVault","og_description":"Two-factor authentication (2FA) was developed decades ago as a solution to the eternally frustrating problem of verifying who you are to an automated online system\u2014like online banking. Logging on or, more precisely, authentication, can be done many different ways\u2014with passwords the most familiar. But, passwords can be stolen or guessed, and we humans are easily [&hellip;]","og_url":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/","og_site_name":"BankVault","article_publisher":"https:\/\/www.facebook.com\/BankVaultOnline\/","article_published_time":"2017-03-03T05:57:35+00:00","author":"BankVault","twitter_card":"summary_large_image","twitter_creator":"@bankvaultonline","twitter_site":"@bankvaultonline","twitter_misc":{"Written by":"BankVault","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/#article","isPartOf":{"@id":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/"},"author":{"name":"BankVault","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/76e0aa85d5ac5405b47c0760eb9ab639"},"headline":"Banking Fobs and SMS texts create a false sense of security","datePublished":"2017-03-03T05:57:35+00:00","dateModified":"2017-03-03T05:57:35+00:00","mainEntityOfPage":{"@id":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/"},"wordCount":697,"publisher":{"@id":"https:\/\/www.bankvault.com\/#organization"},"image":{"@id":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/#primaryimage"},"thumbnailUrl":"","keywords":["2 Factor Authentication","Internet security","multi-factor authentication","online banking theft"],"articleSection":["IT security news","News"],"inLanguage":"en-AU"},{"@type":"WebPage","@id":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/","url":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/","name":"Banking Fobs and SMS texts create a false sense of security - BankVault","isPartOf":{"@id":"https:\/\/www.bankvault.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/#primaryimage"},"image":{"@id":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/#primaryimage"},"thumbnailUrl":"","datePublished":"2017-03-03T05:57:35+00:00","dateModified":"2017-03-03T05:57:35+00:00","breadcrumb":{"@id":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/#primaryimage","url":"","contentUrl":""},{"@type":"BreadcrumbList","@id":"https:\/\/www.bankvault.com\/banking-fobs-sms-texts-create-false-sense-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.bankvault.com\/"},{"@type":"ListItem","position":2,"name":"Banking Fobs and SMS texts create a false sense of security"}]},{"@type":"WebSite","@id":"https:\/\/www.bankvault.com\/#website","url":"https:\/\/www.bankvault.com\/","name":"BankVault","description":"cybersecurity","publisher":{"@id":"https:\/\/www.bankvault.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.bankvault.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-AU"},{"@type":"Organization","@id":"https:\/\/www.bankvault.com\/#organization","name":"BankVault","url":"https:\/\/www.bankvault.com\/","logo":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.bankvault.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.bankvault.com\/wp-content\/uploads\/2018\/11\/BankVault-Logo-Light.png","contentUrl":"https:\/\/www.bankvault.com\/wp-content\/uploads\/2018\/11\/BankVault-Logo-Light.png","width":1212,"height":275,"caption":"BankVault"},"image":{"@id":"https:\/\/www.bankvault.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/BankVaultOnline\/","https:\/\/x.com\/bankvaultonline"]},{"@type":"Person","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/76e0aa85d5ac5405b47c0760eb9ab639","name":"BankVault","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.bankvault.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","caption":"BankVault"},"url":"https:\/\/www.bankvault.com\/author\/bankvault\/"}]}},"_links":{"self":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts\/6357","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/comments?post=6357"}],"version-history":[{"count":0,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/posts\/6357\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/media?parent=6357"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/categories?post=6357"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bankvault.com\/wp-json\/wp\/v2\/tags?post=6357"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}