Abstract | ||
---|---|---|
This article classifies common Internet banking authentication methods regarding potential threats and their level of security against common credential stealing and channel breaking attacks, respectively. The authors present two challenge/response Internet banking authentication solutions, one based on short-time passwords and one certificate-based, and relate them to the taxonomy above. There further outline how these solutions can be easily extended for nonrepudiation (that is, transaction signing), should more sophisticated content manipulation attacks become a real problem. Finally, they summarize their view on future requirements for secure Internet banking authentication and conclude by referencing real-live implementations. |
Year | DOI | Venue |
---|---|---|
2006 | 10.1109/MSP.2006.50 | Security & Privacy, IEEE |
Keywords | Field | DocType |
Internet,bank data processing,certification,message authentication,public key cryptography,attack taxonomy,channel breaking attacks,content manipulation attacks,credential stealing,nonrepudiation,public-key certificates,secure Internet banking authentication,short-lived passwords,short-time passwords,transaction signing,Internet banking,authentication,public-key certificates,short-lived passwords,short-time passwords,taxonomy of attacks | Internet privacy,Authentication,Computer science,Computer security,Communication channel,Credential,The Internet | Journal |
Volume | Issue | ISSN |
4 | 2 | 1540-7993 |
Citations | PageRank | References |
51 | 3.90 | 2 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Alain P. Hiltgen | 1 | 152 | 9.92 |
Thorsten Kramp | 2 | 137 | 13.18 |
Thomas Weigold | 3 | 91 | 8.76 |