IT security expert Bruce Schneier has warned that plans to move to two-factor authentication will not solve online fraud.

Schneier pointed out that the tokens will not stop the most common types of attacks. Tokens can work well in corporate environments but will be ineffective against much of today’s crime since it relies on tricking users rather than beating passwords.

“Two-factor authentication doesn’t solve anything. It won’t work for remote authentication over the internet,” he said.

“I predict that banks and other financial institutions will spend millions fitting their users with two-factor authentication tokens.

“Early adopters of this technology may very well experience a significant drop in fraud for a while as attackers move to easier targets, but in the end there will be a negligible drop in the amount of fraud and identity theft.”

more from [url=http://www.vnunet.com/news/1161940]Vnunet[/url]

---

Filed under: Security - @ March 16, 2005 6:18 am