Haupert V, Gabert S (2019)
Publication Type: Conference contribution
Publication year: 2019
Publisher: Springer
Book Volume: 11598 LNCS
Pages Range: 234-242
Conference Proceedings Title: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISBN: 9783030321000
DOI: 10.1007/978-3-030-32101-7_15
Internet banking security is set to take a major step forward: On September 14, 2019, the Regulatory Technical Standards of the Revised Payment Service Directive (PSD2) are going to be effective within the European Union and the European Economic Area. This regulation makes two widely demanded transaction security properties mandatory: two-factor authentication, and the dynamic linking of the authentication code to the transaction’s beneficiary and amount (full transaction authentication). Even though the regulation is undoubtedly a positive development from a security perspective, it does not account for all the technical and human weak points involved in the transaction process. In this paper, we look at a series of attacks targeting online and mobile banking that are possible even in a post-PSD2 era. Despite the regulatory motivation of this work, the presented issues and suggestions to address them are likely to be universal for internet banking in general.
APA:
Haupert, V., & Gabert, S. (2019). Short Paper: How to Attack PSD2 Internet Banking. In Ian Goldberg, Tyler Moore (Eds.), Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (pp. 234-242). St. Kitts, KN: Springer.
MLA:
Haupert, Vincent, and Stephan Gabert. "Short Paper: How to Attack PSD2 Internet Banking." Proceedings of the 23rd International Conference on Financial Cryptography and Data Security, FC 2019, St. Kitts Ed. Ian Goldberg, Tyler Moore, Springer, 2019. 234-242.
BibTeX: Download