M. Adham and A. Azodi, Yvo Desmedt, and Ioannis Karaolis. How to attack two-factor authentication internet banking, Financial Cryptography, 2013.

G. Antoniou and L. Batten, E-commerce: protecting purchaser privacy to enforce trust. Electronic commerce research, pp.421-456, 2011.
DOI : 10.1007/s10660-011-9083-3

URL : http://dro.deakin.edu.au/eserv/DU:30040596/batten-ecommerceprotecting-2011.pdf

R. M. Bolle, J. H. Connell, and N. K. Ratha, Biometric perils and patches, Pattern Recognition, vol.35, issue.12, pp.2727-2738, 2002.
DOI : 10.1016/S0031-3203(01)00247-3

E. Commission, 31/ec of the european parliament and of the council of 8 june 2000 on certain legal aspects of information society services, in particular electronic commerce, in the internal market, 2000.

E. Commission, ec of the european parliament and of the council of 13 november 2007 on payment services in the internal market amending directives 97/7/ec, 2002.

. European-payments and . Council, Sepa -single euro payment area, 2007.

J. Daugman, New Methods in Iris Recognition, IEEE Transactions on Systems, Man and Cybernetics, Part B (Cybernetics), vol.37, issue.5, pp.1167-1175, 2007.
DOI : 10.1109/TSMCB.2007.903540

S. Drimer, S. Murdoch, R. Anderson, and R. , Optimised to fail: Card readers for online banking. Financial Cryptography and Data Security, pp.184-200, 2009.

Y. Espelid, L. H. Netland, A. Klingsheim, and K. Hole, A proof of concept attack against norwegian internet banking systems. Financial Cryptography and Data Security, pp.197-201, 2008.

M. International, Chip authentication program functional architecture, 2004.

A. Jøsang and S. Pope, User centric identity management, AusCERT Asia Pacific Information Technology Security Conference, p.77, 2005.

A. Juels and M. Sudan, A fuzzy vault scheme, Proceedings IEEE International Symposium on Information Theory,, p.408, 2002.
DOI : 10.1109/ISIT.2002.1023680

A. Juels and M. Wattenberg, A fuzzy commitment scheme, Proceedings of the 6th ACM conference on Computer and communications security , CCS '99, pp.28-36, 1999.
DOI : 10.1145/319709.319714

H. Klevjer, K. A. Varmedal, and A. Jøsang, Extended HTTP Digest Access Authentication, Policies and Research in Identity Management, pp.83-96, 2013.
DOI : 10.1007/978-3-642-37282-7_7

URL : https://hal.archives-ouvertes.fr/hal-01470505

S. Li, A. Sadeghi, S. Heisrath, R. Schmitz, and J. Ahmad, hPIN/hTAN: A Lightweight and Low-Cost E-Banking Solution against Untrusted Computers, Financial Cryptography, 2011.
DOI : 10.1007/978-3-642-27576-0_19

B. S. Manjunath and W. Y. Ma, Texture features for browsing and retrieval of image data, IEEE Transactions on Pattern Analysis and Machine Intelligence, vol.18, issue.8, pp.37-42, 1996.
DOI : 10.1109/34.531803

S. Murdoch and R. Anderson, Verified by visa and mastercard securecode: or, how not to design authentication. Financial Cryptography and Data Security, pp.336-342, 2010.

M. Osadchy, B. Pinkas, A. Jarrous, and B. Moskovich, SCiFI - A System for Secure Face Identification, 2010 IEEE Symposium on Security and Privacy, 2010.
DOI : 10.1109/SP.2010.39

V. Pasupathinathan, J. Pieprzyk, H. Wang, and J. Y. Cho, Formal analysis of card-based payment systems in mobile devices, Proceedings of the 2006 Australasian workshops on Grid computing and e-research, pp.213-220, 2006.

N. K. Ratha, J. H. Connell, and R. Bolle, Enhancing security and privacy in biometrics-based authentication systems, IBM Systems Journal, vol.40, issue.3, pp.2245-2255, 2001.
DOI : 10.1147/sj.403.0614

C. Rathgeb and A. Uhl, A survey on biometric cryptosystems and cancelable biometrics, EURASIP Journal on Information Security, vol.2011, issue.1, 2011.
DOI : 10.1109/TIFS.2006.873653

A. B. Teoh, D. Ngo, and A. Goh, Biohashing: two factor authentication featuring fingerprint data and tokenised random number. Pattern recognition, 2004.

. Kent-are, H. Varmedal, J. Klevjer, A. Hovlandsvåg, J. Jøsang et al., The offpad: Requirements and usage, Network and System Security, pp.80-93, 2013.

. Visa, 3D secure protocol specification, core functions, 2002.