In today’s sophisticated world of PCs, tablets, laptops, smart phones, and 24-hour wireless connectivity, most of our banking transactions, purchasing, bill payments and many other transactions are done online. We do this expecting that the outlets chosen are using the prime and protected financial portals for the financial transactions. Any gap in this security could possibly result in loss of secret data that could be maltreated by deceptive hackers.
If you are just buying a product online, you will be asked for your credentials such as user name or login ID after which you will be asked to enter a transaction ID usually send via Transactional SMS; this along with the log-in ID assures and securely authenticates you as the original account holder and move further with the transaction. If there is a doubt about the originality of the user, banks and other financial institutions send OTP SMS authentication, which is delivered to the registered mobile user as a part of the log in process; this only works for customers or users who have registered their mobile or smart phone numbers with the bank.
Another method that banks and other financial organizations ensure the safety of their customers when using the online payment option is to use a managed two factor authentication method to reinforce their authentication process. When online payment and transactions first began, we just had to use a specific factor, i.e., our password and username to authenticate ourselves, but that was not a very safe method pointing to the two factor authentication method. By using this authentication method, customers were provided with an additional layer of security through using a second type of authentication besides the conventional username and log-in password i.e. by sending an OTP SMS.
Companies needing high-security consent for their employees when working online away from the office or headquarters use single-hearted tokens like the key fobs or SecureID keys from organizations like RSA. This offers a unique password in every sixty seconds and was used as 2fa for a very long time. However, with that system being contravened, security services have come up with the tokenless OTP. This was found to be quite helpful for banks, particularly when their customers use the ATM machine to draw money or many other transactions. You swipe the magnetic ATM card which then asks for the confidential PIN, which is the second verification factor. But, it is in online transactions that most people use the 2fa process, without even knowing it.
As it is very well known that security and convenience are inversely proportional to each other. It means the more security you need, the less convenient it is and the more convenience you need, the less secure they make you. No matter what security measures we try to apply, the human attribute will be a very weak link in the chain of security.