Easy to defeat. Java applet keyboard on phising scam page, customer enters data by way of keyboard, web page grabs data using form grabber and njot lame keylogger and then page says Error and redirects back to the main page of the real site. Then customer tries again and it works.

Then phisher keeps or sells data or uses it right away at the ATM.

Easy hack. No work involved. Lame attempt by banks at trying to solve phishing exploits.

Only way to be 99.9 percent effective is to use retinal scans or combo retinal and fingerprint scans using cheap affordable USB kits made by the banking sector and given to customers for free using the bazillions that banks have already made off of fee increases due to fraud that they themselves allow.

It's all about money, if they really wanted to stop fraud by phishing they could do it in less than a year by using available technolgies that customers would immediately get because customers DEMAND security that banks REFUSE to allow or obtain despite knowing the simple tools to make it work.

As long as Banks make money off of fraud they will do ZERO to remove it and only use the token efforts above to placate an already growing dissatisfaction by the populace with the banking system in place.

If the banks do nothing then they will be accused of doing nothing and making billions off it in increased fees that they do NOT use to actually increase security except for themselves in their own homes with money they pocket from every day consumers that get ripped off day after day while greedy rich bankers make billions off of their backs.

Jimbo JoeBob Jones