Monday, May 14, 2007

Everyday Privacy & Security Part 2: Fear Factor Authentication, or I Won't Forget You Baby, Even Though I Should

If you are like me, or, if in fact, you are me, your online financial transacting experience has gone all Security 2.0 by the factor of WOW!

Over the weekend, I had an unpleasant experience. The clerk at our local What-Nots 'N Such franchise denied me use of my cash card. I figured my financial institution was trying to protect me whilst humiliating me, so I scurried home and logged into my financial institution's websperience.

But! Wait! My financial institution has gone all Fort Knoxy on my ass since the last time I websperienced them. They want to really get to know me before I can check out my balance. It went like this:

Dude! We're all secure and stuff now. It may be a pain in the back-end, but you will thank us because we will know you better. It's all legal. As a matter of fact, we wouldn't even be doing this unless we had to, but banking is mostly about money, and partly about pretending. So let's pretend.
Please enter your account number.

O.k.. But, no, that was your SSN.

Wait. Ooops. O.k. Let's call it an account number for now and move on.

Here are some fun disclosures for you to read. I'll wait here whilst you peruse them. Our attorneys wrote them to be concise but with a hint of whimsy, sort of P.G. Wodehouse meets Sartre.

Done already? Man, took our lawyers a bit longer, but whatever. Let us begin.

Type in some random characters.

More... More.... TOO MANY.
Did you include some numbers? Try that.
And some non-alphanumerics.

Hope you remembered that. It could be your new password, or your new account number or what the tellers will whisper under their breaths when you come in to get a loan.

Now comes the fun part.
To your right you will see pictures of six different semi tractor trailers. We're going to use these pictures to identify you in the future.

Please pick the truck that most resembles your maternal grandmother.

Interesting choice.

Now some questions. Answer using your gut, and pretend that this is just between you and us. We'll use these questions for something in the future, probably resetting your password when you realize that your keyboard doesn't have a cent symbol on it. But pretend it's a legit reason.

Answer the following to the best of your knowledge:

Your favorite color.

The brand undergarment you are wearing right now.

Your favorite place for making whoopee (City and State only, please!)

Your favorite Poison lyric.

Interesting. You know you just qualified for a boat loan the way you answered that last one.

Now just press enter. (I hope you have Javascript, ActiveX and are typing this from a Internet Explorer 6 on Windows XP cause else I don't know what's going to happen.)

Sorry! You chose the wrong truck. Let's start again. Hit the back button. NO, NOT THAT BACK BUTTON!

Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'login_id' to a column of data type int.
/index.asp, line 5


shrdlu said...

Pahss dee Dutcher from dee left-hahnd-side! This was hilarious. I don't even mind being unseated after TWO DAYS as Alex's Post of the Week.

Dutcher Stiles said...

I believe Alex is using some Bayesian calculation to determine there is a non-zero probability that this week has only two days.