Robbing Banks with Their Own Software-an Exploit Against Norwegian Online Banks

نویسندگان

  • Yngve Espelid
  • Lars-Helge Netland
  • André N. Klingsheim
  • Kjell Jørgen Hole
چکیده

The banking industry in Norway has developed a new security infrastructure for conducting commerce on the Internet. The initiative, called BankID, aims to become a national ID infrastructure supporting services such as authentication and digital signatures for the entire Norwegian population. This paper describes a man-in-the-middle vulnerability in online banking applications using BankID. An exploit has been implemented and successfully run against two randomly chosen online banking systems to demonstrate the seriousness of the attack.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Online Banking Security

I nternet banking is increasingly popular both in Norway and elsewhere. Banks have actively encouraged this cost-saving trend by persuading customers to sign up. Customers, attracted by online banking’s convenience, seem largely unconcerned about identity theft and phishing email scams. In fact, most customers seem to believe that Internet banking is quite safe simply because their banks told t...

متن کامل

The Impact of Components of Intellectual Capital and Value added Intellectual Coefficient on Banks’ Financial Performance

  In the knowledge-based economy, intellectual capital is used to create value for organizations. Organizations seek to create, manage, expand and exploit optimal intellectual capital in terms of organizational value creation and business process improvement. Considering the competitiveness of the present age seems that banks must improve their performance to achieve their goals and perform th...

متن کامل

Assessment of the Factors Affecting the Acceptance of Online Banking by Consumers with an Emphasis on the Aspect of Risk (Case Study: Customers of Refah Bank in Qazvin Province of Iran)

Nowadays, internet technology provides an opportunity for banks and financial institutions to take advantages in dynamic and competitive turbulent environment in their favor. In addition, considering the importance and status of internet banking and growing trend of it in the country in recent years, now banks and financial institutions have found that maintaining status and effective developme...

متن کامل

E-Banking Impact on the Profit Margin of Banks in Iran

Development of e-banking has empirically modified the structure and characters of banks’ performance, efficiency, risk and challenges which have also been articulately recognized based on the international best practices. E-banking brazenly accelerates and restructures financial transactions via enhancing technology and expanding the banking services in comparison with conventional banking. Acc...

متن کامل

Compliance with Statement of Accounting Standards and Performance of Nigerian Banks

Banks play important roles in promoting national development. In order to provide efficient services and to perform their statutory roles effectively, banks are required to comply with established standards. In Nigeria, the Statement of Accounting Standards (SAS), Companies and Allied Matters Act (CAMA) and the Central Bank of Nigeria’s directives and regulations provide guidelines to banks in ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2008