DBS Bank have just introduced 2 factors authentication using SecureID tokens together with existing login PIN.
This, I like very much, as it provides a much secured internet banking experiences.
However, something which I noticed different from the regular RSA secured ID tokens which I am more accustomed to, is that I do not need to key in 4 digits before the random token displayed 6 digits PIN.
Also, I do not like the way the login forms are being designed and implemented. One have to log in via the regular login window, using login ID, login PIN. And once authenticated, the token PIN login page will be displayed.
The token PIN fields could have and should be integrated into the initial login page, providing user with 3 fields to fill in. This way, one could access the iBank application as it was after the authentications. I am sure this is faster, and makes users happier. The back end authentications should be as transparent to users as it was before today eh ?
On another thoughts on authentications when I was reading some discussion on DBS's token solution why can't we have a single-sign-on solution in Singapore itself as it is so small ?
Could singpass be open up sets of API for commercial users to makes of it's authentication services? PKI that is.
I am sure it will rocks the world ...
PS: you can say that I am a dreamer ..
