The eKaay PIN method is a 2-factor authentication method with the smartphone as a second factor. It has the special property that the password/PIN cannot be tapped by malware on the PC, and neither by malware on the Smartphone.
In order to log in first scan the 2D code with the eKaay app. Afterwards enter your PIN by mouse-clicking the digits of your PIN into the empty fields on the PC's screen according the permutation of the digits shown on your smartphone.
But first activate eKaay PIN on your smartphone: (if not yet done)
Why does this method prevent trojans from tapping the PIN? because a trojan sitting on the PC only "sees" mouse clicks into the empty number field, but the trojan does not know the meaning of the clicks! And a trojan sitting on the cell phone is able to see to digits but it does not see the clicks!
Of course, a double trojan on both devices is able to break eKaay PIN.
You think it is difficult to find the digits when they are shown in a permuted way? in that case please compare yourself with this guy (YouTube).
Transaction signing with ekaay PIN: QR-Code Payment.
eKaay PIN could be used for Online Banking, i.e. for the signing of money transfers. But this may not be secure enough because of smartphone malware. Generally, every Online Banking methode using only the smartphone should be considered too insecure.
B.Borchert, K.Reinhardt, 2007. Patent (DE-10-2007-052734-B4) granted.