It is becoming common for users to make financial transactions across networks. Performing financial transactions across a network can introduce a security risk because a thief can impersonate the user and illicitly access the account.
In one example, a user engages in on-line banking and accesses an account at a bank. Typically, the user logs onto a web page of the bank and accesses the bank account through this web page after entering a username and password. A thief sends the unsuspecting user an email that impersonates an official email communication from the bank. The email asks the user to update account information such as address information on file at the bank. The user responds by typing in sensitive information such as the user account number, username and password. This sensitive information is then returned to the thief rather than the bank. Once the thief has the information, the thief uses the information to access the user's bank account.
In a second example, a user is not fooled into responding to a communication from a thief masquerading as an official communication from the bank. Rather, the thief observes the user when the user is engaging in a legitimate transaction with the bank. The thief may, for example, use a video camera to capture the actions of the user or install a software program that records keystrokes when the user types on a computer keyboard. This may occur, for example, in an airport or busy public place. The user types the username and password into the computer when engaging in the transaction. The thief captures the transaction and records the keystrokes of the user and possibly the contents of the screen of the computer being used. The thief then views the recording, generally at a much slower rate, and records the user's keystrokes and the screen contents. Once the thief has the username and password, the thief can use the information to access the user's bank account.
A solution to these security problems is currently being used, primarily in Europe. The user is issued a token by the bank. The token may be an electronic security token that generates passwords. The token may be a scratch off ticket that reveals passwords. When the user engages in the transaction with the bank, the user also supplies a password provided by the token. Because the bank originally supplied the user with the token, the bank knows which passwords should be generated by the token issued to a particular user. The bank uses the supplied password to verify that the user is also the correct holder of the token.
If a thief were to steal the electronic token or the scratch off token, and if the thief had the username and password, then the thief may still be able to impersonate the user and gain access to the account. An electronic token may therefore require the user to enter a Personal Identification Number (PIN) such that the password generated by the token is a function of the PIN. If a thief were to steal the electronic token, the thief would not be able to use the token to access the bank account unless the thief were also able to learn the PIN required by the token. Entering the wrong PIN into the token will generate a password, but the password will be known by the bank to be a false password. The bank may then deny attempts to gain access to an account with a false password. This requires the thief to steal a physical object from the user, which is harder than stealing electronic data. This added step tends to reduce attempts by thieves to gain access to bank accounts of users who use tokens.
With the increasing use of such tokens, a problem has developed in that a user may be required to carry multiple tokens in order to be able to access different accounts. The user may, for example, use one electronic token with one PIN in order to access a bank account. The same user may, for example, use a second electronic token and a second PIN in order to access a stock trading account. The user may use a third scratch-off ticket to access a second bank account. The use of multiple tokens and possibly multiple token PINs is cumbersome and confusing and may lead to the user using the wrong token and PIN to attempt to access an account. The user is more likely to forget the particular PIN required by a particular token if the token is but one of multiple tokens having different passwords. In addition, carrying multiple tokens is cumbersome and may lead to confusion regarding which token is required to access each account.
A solution is desired.