How to Attack Two-Factor Authentication Internet Banking
Authors: Manal Adham, Amir Azodi, Yvo Desmedt, Ioannis Karaolis

Date: April 2013
Publication: Proceedings of the 17th International Conference on Financial Cryptography and Data Security 2013 / Lecture Notes in Computer Science, Volume 7859
Page(s): 322 - 328
Publisher: Springer
Source 1:
Source 2: - Subscription or payment required

Abstract or Summary:
Cyber-criminals have benefited from on-line banking (OB), regardless of the extensive research on financial cyber-security. To better be prepared for what the future might bring, we try to predict how hacking tools might evolve. We briefly survey the state-of-the-art tools developed by black-hat hackers and conclude that automation is starting to take place. To demonstrate the feasibility of our predictions and prove that many two-factor authentication schemes can be bypassed, we developed three browser rootkits which perform the automated attack on the client’s computer. Also, in some banks attempt to be regarded as user-friendly, security has been downgraded, making them vulnerable to exploitation.

Do you have additional information to contribute regarding this research paper? If so, please email with the details.

<-- Back to Authentication Research Paper Index

[Home] [About Us] [News] [Research]

Copyright © 2019