Its been quite a good time since I had started working on online authentication security solutions. I reckon not many companies are dealing in such a vulnerable and sensitive area of internet world even though there are good chances of improvement.

I have talk to many people about the possible threats and attacks right from client machine to channel security compromises. I have found that people want to use internet facility but they don't want to go technical about it. They want companies to deal these problems. At the same time they want technology which is easy to use and understand.

There are so many possible ways to steal users credentials that it becomes very difficult to make something which fits into users requirements with no compromises in security. To tackle every problem, makes the application little complicated to deal with. To make their applications user friendly companies often compromises with the level and range of possible venerabilities.

There is one more thing which I have noticed that its easy to use complicated solutions in Indian market than to US market . The reason is , In US people of different age group uses online transactions very often compare to India where this range is limited mainly to young educated professionals.

ICICI's online authentication system asks for two static passwords in addition of grid numbers for a transcation. ICICI's grid technology is a fine example of one of the complicated solutions working in Indian market. I think this technology for deceiving people as it has same level of security as they were providing earlier with 16 digit CCV numbers.