3 Jan
2007
3 Jan
'07
9:49 a.m.
SecureID might be helpful if you want to differentiate your product between automatic and manual use, but it doesn't do anything to authenticate the party you are relaying information to. But it's useless in a phishing context. If you want a token solution, at least use something that factors in transaction-related data.
Florian, Sorry we didn't' specifically recommend any solution simply that they need to look are more secure authentication systems to minimize phishing issues. As you note even the most secure systems can be beaten. Neil.