MyPay has stronger on-line security features than many financial institutions. Earlier this year, Defense Finance and Accounting Service (DFAS) announced implemented a new security measure to myPay, the on-line website for military and civilian pay. The new security feature is a virtual keyboard used to input your PIN information.
Users are required to input their PIN information by clicking the corresponding letters/numbers from the on-screen virtual keyboard. The letters and numbers are randomly generated and will not appear in the same order from visit to visit. Because the customer uses mouse clicks to input the numbers, the virtual keyboard will reduce the risk of hackers gaining access to users accounts through malicious programming such as spyware, trojan horses, and keylogging software.
The method for inputting the Login ID remains unchanged. I would like to see myPay also use the virtual keyboard for the Login ID because the current method, direct typing, does not protect against malicious software. It is still possible for thieves to do damage with the Login ID information.
DFAS has a page on its website dedicated to Internet Security and Protecting Your Computer. It is good information to read for a refresher on Internet security.
The virtual keyboard is a good way to prevent some forms of on-line theft, and I believe it will become more common in the near future. Capital One 360 and TradeKing have a similar feature for inputting PIN information, but I am not sure how many other banks or financial institutions do this.