On Wed, 2012-08-01 at 11:58 +0200, Anders Rundgren wrote: > http://www.finextra.com/news/announcement.aspx?pressreleaseid=45624 > > Current platforms are useless for banking so what else could they do?
The big problem with the VbV insanity wasn't the current platforms. It was largely the user experience — a frame in the browser, where they can't *tell* that it's actually from a trusted site; it appears in a page that's on the "untrusted" merchant site. Into which you're expected to type parts of your password. Any sane person refused to use it anyway, surely? VbV was just another case of banks actively *training* their customers to succumb to fraud. Just like when they send non-S/MIME-signed email. I'm pleased to see it being phased out, at least in its current form. -- dwmw2
smime.p7s
Description: S/MIME cryptographic signature
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
