Most banks and other financial institutions are trying to increase security. The latest security measures involve something called Two-Factor Authentication. What is Two-Factor Authentication? It is a security measure that involves two of three authentication factors.
First, what are the three authentication factors? They are something a user has, something a user knows, or something the user is. Examples of these three:
Has – ATM card, Security Token
Knows – Login ID, password, PIN
Is – fingerprint, retinal profile, facial recognition pattern
Most banks shy away from the Is category because the biometric components are complicated and expensive to implement. So in today’s environment we usually see the implementation of Two-Factor Authentication using the combination of something a customer knows along with something they have in their possession.
This is the same thing you’re used to if you have ever gone to an ATM. You know you need to have your bank card. The machine reads it and then asks you for something know: your PIN. These same procedures are now being put into play with online banking. Often times the thing you have has to be something other than your bankcard because you can’t just swipe it on the PC somewhere.
Many banks have taken to using some sort of security token as the Has authentication factor. Usually this is some sort of device that shows a sequence of alpha or numeric characters that change on a regular basis. The server at the home office knows the current display of each registered token on the system and will only allow you to log into the system if the login/password you provide and the code from the token device all match the server records at the time of login.
If your bank asks you to start carrying a security token to authenticate yourself when you log on, don’t think of it as a nuisance. Think of it as an added layer of security protecting your assets.