FNB Digitag :/

[Dolby]

I've had mine for a few years and the battery is dying, numbers rubbing off and it's almost dead (been on my keyring).

I called FNB and was told they don't offer them anymore - and rather send OTP like the other banks.

I remember when buying it initially they said one major benefit was that nothing travelled over the GSM network where they had no control to be intercepted, delayed etc

After all this trouble with the Vodacom scam - why don't they (and other banks) bring it back? Anyone work in a bank have a valid reason?

FNB was the one account I felt really secure as long as I had my Digitag!

 

[RazedInBlack]

Dolby? How does the digitag actually work?

 

[Dolby]

It's a small keyring device that generated 8 random digits (based on algorithim) that needed to be entered into Online banking. It had to be synced with the site initially.

On going to online banking, you had to enter your username, password and the 8 random digits - and since they were attached to my keys, no one could could access

I have 3 x online banking accounts and could give anyone my details if I wanted (girlfriend, wife, brother), but the FNB one could not be accessd - which was pretty cool!

 

[Franna]

Get a Capitec account - they use them for online banking security.

 

[supersunbird]

Get a Capitec account - they use them for online banking security.

+1

I have use my Capitec one. They don't even do the cellphone thing.

 

[Dolby]

I'll check it out!

"To access your account(s), you will be required to enter your unique user identity, password and token code. A token is a small device that generates random authorisation codes which are required whenever you access online banking or do electronic transfers. It eliminates the risk of this sensitive information, typically sent via cellular networks, from being intercepted which could compromise your account security.
Tokens are issued at branches during registration for a once-off fee of R125, and help prevent unauthorised access of your account(s)."

 

[bwana]

I'm happy with FNB's implementation of the OTP system.

 

[Dolby]

I'm happy with FNB's implementation of the OTP system.

But using OTP over GSM is how all the guys were scammed recently?

 

[Nerfherder]

I would prefer OTP over GSM.... then the cellphone networks can take responsibility for when it fails.

I can imagine the logistics of reissuing the tokein if it gets "cracked"

 

[mh348]

FNB staff still make use of the digitag.

 

[cipha]

the only way your account will get hacked with OTP is if you give out your username and password. just dont do it

 

[Frankie]

the only way your account will get hacked with OTP is if you give out your username and password. just dont do it

They'd need your user name and password to your FNB and email account, and if someone is that lax then they deserve to be scammed.

 

[Frankie]

But using OTP over GSM is how all the guys were scammed recently?

The OTP is sent by email.

 

[Ice2Cool]

I believe theyre bringinn them back. Theyre being implemented on some of our high risk systems - specifically the one that is used to access clients FNB accounts.

 

[Dolby]

The OTP is sent by email.

Perhaps both? Or a choice?

The scam relied on duplicated a SIM card and intercepting the OTP

 

[TowerGuru]

Um am i the only one who thinks the digitag is just a fancy way of saying Keygen? You know that thing that people use to pirate software? What's stopping some hacker from finding the algorithm on the banks servers? Or even his own digitag and then making a keygen from that? Digitag doesnt sound all that secure to me...

 

[rorz0r]

If a hacker could find the algorithm on the banks servers he probably wouldn't need your username/password/digitagkey/otp etc. The digitag type things each have a unique "private key" as such so even though there's one algorithm there's still unique keys.

 

[Dolby]

Um am i the only one who thinks the digitag is just a fancy way of saying Keygen? You know that thing that people use to pirate software? What's stopping some hacker from finding the algorithm on the banks servers? Or even his own digitag and then making a keygen from that? Digitag doesnt sound all that secure to me...

How many cases of online fraud have you heard of when using Digitag (brand name - it is a keygen ...)

How many cases when not using it ?

It's an extra layer of security which is pretty welcome to most

 

[bwana]

The OTP is sent by email.

For FNB you choose a primary and a secondary method - my first option is email but you can have it set to sms if you like.

AFAIK - as long as you stick to procedure and dont reveal your username/pwd to anyone they will cover any fraudulent activities. If you succumb to a phishing scam all bets are off though.