ChatterBank0 min ago
online banking
2 Answers
I have one of those little gizmos from HSBC that generates a new log-in code number each time you go online. How does the bank's computer know and recognize these numbers?
Answers
Best Answer
No best answer has yet been selected by rabet. Once a best answer has been selected, it will be shown here.
For more on marking an answer as the "Best Answer", please visit our FAQ.Although Mark’s answer is technically correct, it is a little short on substance.
My Barclays card reader (which works on the same principle) generates an 8 digit number, therefore there are a total of 100 million possible permutations.
The reader requires input of the correct card pin number for the bank card – once this has been done, the reader algorithm (mathematical calculation) generates one of probably 100,000 valid 8 digit numbers which will allow you to access your online account. Based on my guess of only 100,000 valid 8 digit numbers – you would have 1 in 1,000 chance of guessing a valid number.
Your online bank knows that you are accessing your account and so can use the same algorithm to determine that the 8 digit number entered is one of the valid numbers for your account and bank card.
I suspect that once a particular 8 digit number sequence has been used to access your account, that the account cannot be accessed using the same number again. This would stop someone who had placed a key logger or some other intercept on your PC from using it.
My Barclays card reader (which works on the same principle) generates an 8 digit number, therefore there are a total of 100 million possible permutations.
The reader requires input of the correct card pin number for the bank card – once this has been done, the reader algorithm (mathematical calculation) generates one of probably 100,000 valid 8 digit numbers which will allow you to access your online account. Based on my guess of only 100,000 valid 8 digit numbers – you would have 1 in 1,000 chance of guessing a valid number.
Your online bank knows that you are accessing your account and so can use the same algorithm to determine that the 8 digit number entered is one of the valid numbers for your account and bank card.
I suspect that once a particular 8 digit number sequence has been used to access your account, that the account cannot be accessed using the same number again. This would stop someone who had placed a key logger or some other intercept on your PC from using it.