The Radboud Reader: A Minimal Trusted Smartcard Reader for Securing Online Transactions

Abstract : We present the design of a device for securing online transactions, e.g. for internet banking, which can protect against PC malware, including Man-in-the-Browser attacks. The device consists of a USB-connected smartcard reader with a small display and numeric keyboard, similar to devices currently used for internet banking. However, unlike existing devices, we rigorously stick to the design philosophy that the device should be as simple as possible; move functionality and control is moved as much as possible to the smartcard. Although this is a simple (and obvious) idea, we are not aware of any solutions pursuing it. Moreover, it has some interesting benefits compared to existing solutions: the device is simpler, provides stronger security guarantees than many alternatives (namely that it will only display text authenticated by the smartcard), and is generic in that it can be used in combination with different smartcards for different applications (for example, for internet banking with a bank card and for filing an online tax return with a national ID card).
Type de document :
Communication dans un congrès
Simone Fischer-Hübner; Elisabeth Leeuw; Chris Mitchell. 3rd Policies and Research in Identity Management (IDMAN), Apr 2013, London, United Kingdom. Springer, IFIP Advances in Information and Communication Technology, AICT-396, pp.107-120, 2013, Policies and Research in Identity Management. 〈10.1007/978-3-642-37282-7_11〉
Liste complète des métadonnées

Littérature citée [9 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01470495
Contributeur : Hal Ifip <>
Soumis le : vendredi 17 février 2017 - 14:48:33
Dernière modification le : vendredi 17 février 2017 - 15:16:31
Document(s) archivé(s) le : jeudi 18 mai 2017 - 14:38:16

Fichier

978-3-642-37282-7_11_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Erik Poll, Joeri Ruiter. The Radboud Reader: A Minimal Trusted Smartcard Reader for Securing Online Transactions. Simone Fischer-Hübner; Elisabeth Leeuw; Chris Mitchell. 3rd Policies and Research in Identity Management (IDMAN), Apr 2013, London, United Kingdom. Springer, IFIP Advances in Information and Communication Technology, AICT-396, pp.107-120, 2013, Policies and Research in Identity Management. 〈10.1007/978-3-642-37282-7_11〉. 〈hal-01470495〉

Partager

Métriques

Consultations de la notice

17

Téléchargements de fichiers

18