[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Henry Bremridge wrote: > The blurb on the smart card is as follows "Welcome to your HSBCnet Security > Device – it is used to authenticate your identity when you log on to > HSBCnet. It works by generating a security code unique to your account that > HSBCnet can recognise. This code can only be used to access the site once > and the Security Device will calculate a new security code the next time > you log on. For this reason, this code is sometimes referred to as a > one-time-password. This security code also has an expiry period and will > only be valid for a set period of time before a new code has to be > generated using the Security Device. FYI: This sounds just like all the other smartcard systems, it definitely appears worth checking with gnupg-users. Hopefully, the end-user (HSBC) should be irrelevant. If they've followed the smartcard standards (such as they are) then the means of entering the PIN are irrelevant. What matters is that the browser can pass the information on to the website - which is another standard method. The biggest component is Java. Get that sorted (so that you have the same JDK) and it will be a lot easier. The one thing that page does not describe is the kind of smartcard in use. Do you have any data on that? Usually begins PKS.... IIRC. It's tricky because I'd bet you would prefer to tinker with a 'spare' smartcard and not risk the real one but the risk is small - the smartcard should be read-only after all. It's an area I have looked at briefly but not in any depth. Ask the gnupg lot before doing anything else. -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
Attachment:
signature.asc
Description: OpenPGP digital signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html