Abstract : Banks want to use their genuine strong credential for online banking transaction authorization - the debit card. Customers nowadays are usually equipped with a Smartphone and prefer to not carry a card reader in addition. Methods where developed that use the Smartphone to authorize online banking transactions. These methods are vulnerable to Smartphone malware. We present NFC-TAN as a Smartphone method that combines the two requirements: Strong credential debit card and no additional device. We discuss to what extend this solution decreases vulnerability. Moreover, we consider usability, cost, and integration aspects of NFC-TAN.
Lorenzo Cavallaro; Dieter Gollmann. 7th International Workshop on Information Security THeory and Practice (WISTP), May 2013, Heraklion, Greece. Springer, Lecture Notes in Computer Science, LNCS-7886, pp.66-81, 2013, Information Security Theory and Practice. Security of Mobile and Cyber-Physical Systems. 〈10.1007/978-3-642-38530-8_5〉
https://hal.inria.fr/hal-01485934
Contributeur : Hal Ifip
<>
Soumis le : jeudi 9 mars 2017 - 15:16:16
Dernière modification le : jeudi 9 mars 2017 - 15:21:21
Document(s) archivé(s) le : samedi 10 juin 2017 - 14:36:16
Max Günther, Bernd Borchert. Online Banking with NFC-Enabled Bank Card and NFC-Enabled Smartphone. Lorenzo Cavallaro; Dieter Gollmann. 7th International Workshop on Information Security THeory and Practice (WISTP), May 2013, Heraklion, Greece. Springer, Lecture Notes in Computer Science, LNCS-7886, pp.66-81, 2013, Information Security Theory and Practice. Security of Mobile and Cyber-Physical Systems. 〈10.1007/978-3-642-38530-8_5〉. 〈hal-01485934〉
