Jump to content

DBS Internet banking Secure Device

Macross1

By Macross1,
in Lite & EZ

 Share

Recommended Posts

Macross1

Macross1

Neutral Newbie

Anyone knows how that thing works?

 

People with DBS Internet Banking will know what I'm talking about.

After entering your User id and pin, you have to enter a randomly generated password by pressing a buttton on your ib secure device.

 

Wondering how the thing works... Enlighten me someone.

↡ Advertisement
Link to post
Share on other sites
Sotong_kia

Sotong_kia

Neutral Newbie

Its not exactly with timing..

 

The one the banks are using is just a sequence of numbers generated with a certain algorithm.

 

There are those that are based on time.. Those tokens will display codes all the time, and you see it changing every 1 minute or so..

Link to post
Share on other sites
Nhrisuzu

Nhrisuzu

1st Gear

i tried memorizing the number .. when i log into the IB webbie..

 

i key-ed in.. i think if u just remember that same set of number, u can throw the device away liao..

 

yet to try memorizing the number for 1 day.. just tried for like 1hr.. [sweatdrop]

Link to post
Share on other sites
Sabian

Sabian

Turbocharged

u remember the DeeBeeAss case?

the one where the cheena FT managed to phlish the ID/password of the bank's IB users.

 

this one is to counteract that. even if that CB kia can get hold of your first level password and even a glimpse of your 2nd level (generated by the token), he will not be able to log in cos the 2nd pw is dynamic rather than static like the 1st level.

 

the setting up of a account payee also requires the 2nd level pw so even if can get in within the time limit, cannot set up fund transfer party's account.

Link to post
Share on other sites
Pippo20

Pippo20

Neutral Newbie

DBS website will have the instructions.. IMO, UOB has the best verification, all other banks about the same..

Link to post
Share on other sites
Solar

Solar

Turbocharged

actually, by using this device, we are helping dbs save costs... in terms of sms authentication.

each sms costs $$$...

 

to gain access, the traditional method is via 'what you know', ie. username and password.

but this is not enough, as evident from the previous incident.

this is where the 2 factor authentication come in... via 'what you own' method, this case, either the token (dbs) or mobile phone (sms).

the codes are generated randomly based on a certain algorithm (formula, in layman terms), and the same is also running at the same time on the server.

when the user keys in the code, this website will check with the server to see whether they are the same, if so, let the person proceed.

 

i find the token troublesome.. lost it still need to pay... some banks use the mobile phone method.. citibank is one of them thumbsup.gif

Link to post
Share on other sites
Corgan

Corgan

Neutral Newbie

actually, MAS is advising that the banks have a 3rd level of authentication. THis is done prior to fund transfer. Details are not out yet but I heard it over the news under MAS advisory.

 

Citibank's HP method is indeed more use friendly. No need to bring the dongle around.

Link to post
Share on other sites
Ultramega

Ultramega

1st Gear
  Quote
i tried memorizing the number .. when i log into the IB webbie..

 

i key-ed in.. i think if u just remember that same set of number, u can throw the device away liao..

 

yet to try memorizing the number for 1 day.. just tried for like 1hr.. [sweatdrop]

 

How can it be so easy to break? don't be silly la. [hur]

Link to post
Share on other sites
Kyousuke

Kyousuke

Neutral Newbie
  Quote
i tried memorizing the number .. when i log into the IB webbie..

 

i key-ed in.. i think if u just remember that same set of number, u can throw the device away liao..

 

yet to try memorizing the number for 1 day.. just tried for like 1hr.. [sweatdrop]

 

You are talking thru your ass. [hur]

Link to post
Share on other sites
Singaporean1965

Singaporean1965

Neutral Newbie
  Quote
i tried memorizing the number .. when i log into the IB webbie..

 

hmmm....i think cannot be "pre-generated" and use at a later time/date. I am with DBS internet banking. When they just started implementing the usage of this device, i tried b4. I pre-generated a few numbers, copied down, as I didnt want to bring the device overseas. Then a few days later, i tried all the pre-generated numbers, all cannot work wor

[laugh]

Link to post
Share on other sites
Melissa

Melissa

1st Gear

http://www.dbs.com.sg/sg/personal/ibanking/news/

 

Quoted: "Do I have to pay for the DBS iB Secure Device?

As a commitment to our customers, we will be issuing the first DBS iB Secure Device to our customers with our compliments. The DBS iB Secure Device has a long lifespan and should last up to 5 years before it has to be replaced. As with all other banking collaterals, such as ATM and credit cards, there will be a replacement charge for lost DBS iB Secure devices. In this case, the charge is $20 (subject to GST)."

 

I think you got to check with DBS..

Link to post
Share on other sites
Espire

Espire

1st Gear
  Quote
The IB device runs on batt rite? So whats its life span? Why can't DBAss give its customers the choice of SMS password...

 

cos they r Dumb and like to BullShit... [lipsrsealed]

Link to post
Share on other sites
Sabian

Sabian

Turbocharged
  Quote
The IB device runs on batt rite? So whats its life span? Why can't DBAss give its customers the choice of SMS password...

 

Typically 3-5yrs.

DBS kiam mah. 1 method easier to implement mah.

↡ Advertisement
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...