Improving Netelller security measures

[JAque]

A I understand it, German banks require a validation code in additon to userid and password. For ever transaction , there is a transaction code (provided by the bank) that needs to be cross checked against a validation list provided to the customer when the account was created ( a list of 300) Therefore, if a hacker were to get your user id and password, he will still need the list to enter the next validation code (this list could be kept on paper,USB stick , etc so it can't be stolen from your PC). A keylogger will get your userid and password but it will not have the next validation code for the next transaction.
For example, for a single transaction you need your userid, password , transaction number (provided by bank at the time of the transaction ) and the validation code (provided by the user at the time of the transaction). All this information has to match for a transaction to go though.

In the case of Neteller, we may need a validation code for depositing. withdrawing and peer to peer transfers.
Ofcourse , the transaction codes are random and the validation codes will not be used in sequence. At one point the the codes have to be recycled or you will need to request more from Neteller.

I am sure there are holes using this approach but it makes it really hard for keyloggers and hackers that get into your PC unless they get a hold of your validation list.


thoughts ??

JAque