Comment Re:Not over the phone (Score 1) 224
If prompt is the only security offered, PGP is an enormous overkill. Just use an address book, and configure email client to prompt when sending to out of address book recipients.
Q : CronoCloud is not in address book. Post anyway?
Ans : YES slashdot, post it. Nothing sensitive in this post and it is publicly visible anyway.
Advantages :
1. Customer doesn't have to do anything.
2. Financial institution IT can handle this - most likely by MS ActiveDirectory group policy or something like that.
If confirmation prompt is not enough security, the sensitive information will be encrypted to the wrong customer's public key and send to that same wrong customer.