For some time several Australian Banks have been interested in setting up online banking via the web. Currently the Commonwealth Bank does have online banking, but on non-internetworked servers. This requires an encrypted password. Currently this involves logging into the bank server directly transfering the password, at which case the user has access to their accounts. The unfortunate details are that the instructions for the account are not sent encrypted. Apart from the initial password, all data is sent plain text. There is likely to be implemented an inital web trial of this service in December this year. Hopefully the security will be upgraded a little. Where this is not likely is that the likely canditate for encryption over the net is going to be 40bit netscape (as what bank wants to go against the wishes of the US gov). The banks feel secure in that they are providing a 128bit secured password to the customer via mail. This seems to be the end of the security. While the average member of the public blindly trusts the banks to keep them safe, and untill there is a user friendly means of encrypting data (that the US government supports), I can see alot of room for fraud. ,'~``. \|/ ,'``~. (-o=o-) (@ @) ,(-o=o-), +--.oooO--(_)--Ooo-----oOO-(_)-OOo-------oooO--(_)--Oooo.------+ | | | Soon, we may all be staring at our computers, wondering | | whether they're staring back. | | | | [Network Admin For WPA Business Products. aka doshai >;-) ] | | .oooO http://pip.com.au/~doshai/ Oooo. | | ( ) Oooo. .oooO ( ) | +-----\ (----( )-------oooO-Oooo--------( )--- ) /---------+ \_) ) / \ ( (_/ (_/ \_) Key fingerprint = 2D F4 54 BB B4 EA F1 E7 B6 DE 48 92 FC 8D FF 49 Send a message with the subject "send pgp-key" for a copy of my key. (if I want to give it to you)