An Analysis of the Online Banking Security Issues Reported by Hole, Moen, and Tjostheim
نویسنده
چکیده
Online Banking has become increasingly popular globally, because it is so easy and convenient for Internet users to manage their bank accounts from anywhere of the world at any time. Banks have encouraged for this trend for years, since Online Banking also saves lots of resources for the banks regarding of staff training, investment for ATMs and branches, and other operations costs. The Internet enhanced the user experience of banking activities dramatically. However, since the Internet is not originally designed for Online Banking, Online Banking now is facing a wide range of security risks for both the banks and the Online Banking users such as brute-force attacks, distributed attacks, and social phishing. The banks have to increase their Online Banking security system constantly, which means the banks have to keep investing on the security systems all the time. Compared with the possibility of the lost from the potential risks, the banks may not want to update their current security systems, because the cost of upgrading security is too expensive and the risks of loss are low. Then this will leave the lots of security responsibilities to the Online Banking users. However, the customers’ PCs actually are always the weakest link for the Online Banking security. The customers would rather to choose convenience and easy-to-use than complex login procedure for Online Banking. In other words they would choose great choose great user experience with foolproof security. This paper will discuss and analyze the Online Banking security issues reported by Hole et al. In this paper, both Lampson’s work and Claessens’ work will be used as a framework and a security analysis “language”. The Online Banking security is a wide range of topic. This paper will discuss and analyze two important security issues related to the security policy, design and implementation which reported by Hole et al, focusing on client authentication and related attacks. This paper will use case study method to analyze both issues.
منابع مشابه
Next Generation Internet Banking in Norway
The Norwegian banking industry has introduced a new security infrastructure for web applications, including Internet banking. The infrastructure, called BankID, has the potential to increase the security of today’s web applications and facilitate new business opportunities. The authors consider BankID from the customers’ point of view, analyze the risk the customers take when using BankID, and ...
متن کاملBiometric Authentication of Fingerprint for Banking Users, Using Stream Cipher Algorithm
Providing banking services, especially online banking and electronic payment systems, has always been associated with high concerns about security risks. In this paper, customer authentication for their transactions in electronic banking has been discussed, and a more appropriate way of using biometric fingerprint data, as well as encrypting those data in a different way, has been suggest...
متن کاملAssessment of the Factors Affecting the Acceptance of Online Banking by Consumers with an Emphasis on the Aspect of Risk (Case Study: Customers of Refah Bank in Qazvin Province of Iran)
Nowadays, internet technology provides an opportunity for banks and financial institutions to take advantages in dynamic and competitive turbulent environment in their favor. In addition, considering the importance and status of internet banking and growing trend of it in the country in recent years, now banks and financial institutions have found that maintaining status and effective developme...
متن کاملOnline Banking Security Analysis based on STRIDE Threat Model
This paper refers important issues regarding how to evaluate the security threats of the online banking effectively, a system threat analysis method combining STRIDE threat model and threat tree analysis is proposed, which improves the efficiency of the threat analysis greatly and also has good practicability. By applying this method to the online banking system threat analysis, we construct ST...
متن کاملOnline Dimensional Controlling System for Drilling
The drilling is well known as one of the most common hole making processes in the industry.Due to close tolerance requirement for drilled holes in the most of work pieces, onlinecontrolling of the diameter of drilled holes seems to be necessary. In the current work, an onlinedimensional controlling system was developed for drilling process. Doing this, drilling processwas executed in different ...
متن کامل