Is e-business secure?

My next few e-business insights will be posted from various European locations as my son and I spend the summer in a sort of combination father-and-son-bonding/midlife-crisis wander around the globe. Last week in London I saw my first Internet booth while traipsing through Soho - it looked like a phone booth, just out on the street corner, and provided a convenient way for passersby to check e-mail, and for errant correspondents to stay in touch with their editors. My son and I marveled also at the fact that there was a free e-mail station in the dining room of the local Burger King.

One of the great untapped efficiencies of e-commerce is electronic bill presentment and payment - something that could save merchants a bundle in billing costs and help them get their money quicker. To date, it hasn't caught on to any great extent in the U.S., but it's common in much of Europe, where recurring bills are automatically deducted from one's bank account. There is, of course, a dark side to the convenience of automatic payment deduction, and my cousin Macek grumbles about it, explaining that it really leaves the consumer with no flexibility in terms of when to pay bills. Money just disappears from your bank account. There are no "the check's in the mail" excuses that can be made here!

Perhaps because of that, Europeans have a greater need to stay on top of their banking, and as such, Internet banking has also caught on here more than in the U.S. Obviously, with all this money floating through cyberspace, some security measures must be taken. Europeans are no different than Americans in that neither one wants to trust their money to computers and the public Internet and all the dangers that lurk therein. But, we have happily advanced to a state where it is just about as secure to bank online as it is to walk down to your local branch, perhaps even more so if you live in a bad neighborhood.

It's not uncommon for corporations, both in the U.S. and abroad, to secure their remote networking with hardware tokens. These are little devices, about the size of a credit card or even smaller and made to fit on a keychain, which establish two-factor authentication. This type of authentication requires two things: something the user has (i.e., the token) and something the user knows (i.e., a PIN). Entering the PIN triggers the token to generate a one-time passcode. The passcode-generating algorithm is synchronized with the server, so when the remote user enters the passcode into the computer, it goes over the Internet (through a secure tunnel) to the server, which matches it against what it says the next passcode should be, based on the same algorithm. The great thing about this approach is that even if the passcode were to be intercepted in transit (which is unlikely), it couldn't be re-used, since a new passcode is generated for each session.
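The token/server exchange described above, as an added example that is not part of the original column. The column does not name the passcode algorithm, so this sketch uses HOTP (RFC 4226), one standardized counter-synchronized scheme; the `Token` and `Server` classes, the PIN value and the look-ahead window are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class Token:
    """Something the user has; the PIN (something the user knows) unlocks it."""
    def __init__(self, secret: bytes, pin: str):
        self._secret, self._pin, self._counter = secret, pin, 0

    def press(self, pin: str) -> str:
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            raise PermissionError("wrong PIN")
        code = hotp(self._secret, self._counter)
        self._counter += 1          # every passcode is generated only once
        return code

class Server:
    """Holds the same secret and the counter it expects next."""
    def __init__(self, secret: bytes, window: int = 3):
        self._secret, self._window, self._next = secret, window, 0

    def verify(self, passcode: str) -> bool:
        # Look a few counters ahead (assumed window) in case the token was
        # pressed without logging in; never look behind the expected counter.
        for c in range(self._next, self._next + self._window + 1):
            if hmac.compare_digest(hotp(self._secret, c).encode(), passcode.encode()):
                self._next = c + 1  # burn this and all earlier passcodes
                return True
        return False

def demo() -> list:
    secret = b"12345678901234567890"   # RFC 4226 test secret, not a real key
    token, server = Token(secret, "4821"), Server(secret)   # constructed PIN
    first = token.press("4821")
    results = [server.verify(first), server.verify(first)]  # login, then replay
    skipped = token.press("4821")      # generated but never submitted
    results.append(server.verify(token.press("4821")))      # server resyncs
    results.append(server.verify(skipped))                  # stale code refused
    return results

if __name__ == "__main__":
    print(demo())
```

The second and fourth checks fail because the server only ever looks forward from its expected counter, which is what makes a captured passcode useless for a later session.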

Corporations in the U.S. rely on this system, because it is the most secure and convenient way to allow remote users to access the network. In Europe, where people occasionally drive on the wrong side of the road and refer to the elevator as the "lift" and the subway as the "tube," it's also common in personal banking. And although it hasn't caught on for this purpose to any great extent in the U.S., the cost and ease of use of the hardware tokens have reached a level where it's practical, affordable, and only a matter of time until most consumers do their banking, bill paying, and other monetary transactions over the Internet, using token-based authentication. Unless you're a bank teller (in which case you're likely to receive a layoff notice), the benefits are obvious and everyone's a winner.

