Abstract : Banks want to use their genuine strong credential for online banking transaction authorization - the debit card. Customers nowadays are usually equipped with a Smartphone and prefer to not carry a card reader in addition. Methods where developed that use the Smartphone to authorize online banking transactions. These methods are vulnerable to Smartphone malware. We present NFC-TAN as a Smartphone method that combines the two requirements: Strong credential debit card and no additional device. We discuss to what extend this solution decreases vulnerability. Moreover, we consider usability, cost, and integration aspects of NFC-TAN.
https://hal.inria.fr/hal-01485934 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Thursday, March 9, 2017 - 3:16:16 PM Last modification on : Thursday, October 28, 2021 - 3:42:03 PM Long-term archiving on: : Saturday, June 10, 2017 - 2:36:16 PM
Max Günther, Bernd Borchert. Online Banking with NFC-Enabled Bank Card and NFC-Enabled Smartphone. 7th International Workshop on Information Security THeory and Practice (WISTP), May 2013, Heraklion, Greece. pp.66-81, ⟨10.1007/978-3-642-38530-8_5⟩. ⟨hal-01485934⟩