Anyone with a Bank of America account or connected to the financial community has heard about Passmark. Passmark, who was recently aquired by RSA (who was subsequently acquired by EMC) utilizes a variety of technologies to identify and thwart online fraud. The primary mechanism being their SiteKey product, which I (and many others) consider down right silly. In this piece by Security Pro News, you can read all about a known and obvious exploit.

The problem here is not that Passmark's picture can be defeated, but that so many technologies once considered highly secure are regularly being hacked. And this is just the beginning.

In order for online financial services to truly move into a secure realm, I believe there is going to have to be a shift away from a pure HTML / Web based solution to an object or application based technology. If you have ever wondered how you can protect yourself, take a look at this piece I wrote for Uniloc.