An Exprimental Investigation of the Usability of Transaction Authorization in Online Bank Security Systems
نویسندگان
چکیده
Security for online banking has changed considerably during the relatively short period that online banking has been in use. In particular, authentication and identity management in the early implementations were, and sometimes still are, vulnerable to various attacks such as phishing. Current state-of-the art solutions include methods for re-authenticating users via out-of-band channels for each transaction. This paper describes a security investigation of this type of solution. The investigation concludes that it protects against certain attacks while still being vulnerable to other obvious attacks. In the near future, it is expected that the remaining vulnerabilities will be exploited as the attackers get more sophisticated. Possible ways of protecting against these future attacks are outlined.
منابع مشابه
An Experimental Investigation of the Usability of Transaction Authorization in Online Bank Security Systems
Security for online banking has changed considerably during the relatively short period that online banking has been in use. In particular, authentication and identity management in the early implementations were, and sometimes still are, vulnerable to various attacks such as phishing. Current state-of-the art solutions include methods for re-authenticating users via out-of-band channels for ea...
متن کاملAccess control in ultra-large-scale systems using a data-centric middleware
The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...
متن کاملOnline Banking with NFC-Enabled Bank Card and NFC-Enabled Smartphone
Banks want to use their genuine strong credential for online banking transaction authorization the debit card. Customers nowadays are usually equipped with a Smartphone and prefer to not carry a card reader in addition. Methods where developed that use the Smartphone to authorize online banking transactions. These methods are vulnerable to Smartphone malware. We present NFC-TAN as a Smartphone ...
متن کاملComputing Science Group CS-RR-10-01
South Korean Internet banking systems have a unique way of enforcing security controls. Users are obliged to install proprietary security software – typically an ActiveX plugin that implements a bundle of protection mechanisms in the user’s browser. The banks and their software suppliers claim that this provides trustworthy user platforms. One side-effect is that almost everyone in Korea uses I...
متن کاملElectronic Banking and Customer Satisfaction in Bank Melli Iran
Many e-commerce transactions via e-payment systems is carried out. The aim of this study is that the theory of structures, an empirical analysis about the importance and ranking key factors that may be on customer satisfaction in electronic payment systems affect the Iranian banks.9 specific topics of the factors in e-payment systems, customer satisfaction and affect are more key, were selected...
متن کامل