One reason U.S. regulators are so suddenly be advocating two-factor authentication for U.S. financial tranactions may be that they doubtless know about what happened in the U.K. with one-factor ATM cards some years ago:

This is the story of how the UK banking system could have collapsed in the early 1990s, but for the forbearance of a junior barrister who also happened to be an expert in computer law – and who discovered that at that time the computing department of one of the banks issuing ATM cards had “gone rogue”, cracking PINs and taking money from customers’ accounts with abandon.
— How ATM fraud nearly brought down British banking Phantoms and rogue banks, By Charles Arthur, The Register, Published Friday 21st October 2005 09:52 GMT

This problem had been going on since the 1980s, and there has been a class action lawsuit in process since 1992 trying to force the affected banks to replace the money stolen from their customers. Why have we only heard about it now? Continue reading →