Back to Search
Start Over
User-friendly Manual Transfer of Authenticated Online Banking Transaction Data - A Case Study that Applies the What You Enter Is What You Sign Transaction Authorization Information Scheme
- Source :
- Callegari, C. (ed.), SECRYPT 2016 : Proceedings of the International Conference on Security and Cryptography, 26-28 July, Lisbon, Portugal 2016, pp. 259-270, Kiljan, S Z, Vranken, H P E & van Eekelen, M C J D 2016, User-friendly Manual Transfer of Authenticated Online Banking Transaction Data : A Case Study that Applies the What You Enter Is What You Sign Transaction Authorization Information Scheme . in C Callegari, M van Sinderen, P Sarigiannidis, P Samarati, E Cabello, P Lorenz & M S Obaidat (eds), Proceedings of the 13th International Joint Conference on e-Business and Telecommunications : July 26-28, 2016, in Lisbon, Portugal . vol. 4, SCITEPRESS-Science and Technology Publications, Lda., pp. 259-270, 13th International Joint Conference on e-Business and Telecommunications, Lisbon, Portugal, 26/07/16 . https://doi.org/10.5220/0005965102590270, Callegari, C. (ed.), SECRYPT 2016 : Proceedings of the International Conference on Security and Cryptography, 26-28 July, Lisbon, Portugal 2016, 259-270. Setubal : SCITEPRESS, STARTPAGE=259;ENDPAGE=270;TITLE=Callegari, C. (ed.), SECRYPT 2016 : Proceedings of the International Conference on Security and Cryptography, 26-28 July, Lisbon, Portugal 2016, Proceedings of the 13th International Joint Conference on e-Business and Telecommunications: July 26-28, 2016, in Lisbon, Portugal, 4, 259-270, SECRYPT
- Publication Year :
- 2016
- Publisher :
- Setubal : SCITEPRESS, 2016.
-
Abstract
- Online banking relies on user-owned home computers and mobile devices, all vulnerable to man-in-the-middle attacks which are used to steal money from bank accounts. Banks mitigate this by letting users verify information that originates from these untrusted devices. This is not user-friendly since the user has to process the same information twice. It also makes the user an unnecessary critical factor and risk in the security process. This paper concerns a case study of an information scheme which allows the user to enter critical information in a trusted device, which adds data necessary for the recipient to verify its integrity and authenticity. The output of the device is a code that contains the information and the additional verification data, which the user enters in the computer used for online banking. With this, the bank receives the information in a secure manner without requiring an additional check by the user, since the data is protected from the moment the user entered it in the trusted device. This proposal shows that mundane tasks for the user in online banking can be automated, which improves both security and usability.
Details
- Database :
- OpenAIRE
- Journal :
- Callegari, C. (ed.), SECRYPT 2016 : Proceedings of the International Conference on Security and Cryptography, 26-28 July, Lisbon, Portugal 2016, pp. 259-270, Kiljan, S Z, Vranken, H P E & van Eekelen, M C J D 2016, User-friendly Manual Transfer of Authenticated Online Banking Transaction Data : A Case Study that Applies the What You Enter Is What You Sign Transaction Authorization Information Scheme . in C Callegari, M van Sinderen, P Sarigiannidis, P Samarati, E Cabello, P Lorenz & M S Obaidat (eds), Proceedings of the 13th International Joint Conference on e-Business and Telecommunications : July 26-28, 2016, in Lisbon, Portugal . vol. 4, SCITEPRESS-Science and Technology Publications, Lda., pp. 259-270, 13th International Joint Conference on e-Business and Telecommunications, Lisbon, Portugal, 26/07/16 . https://doi.org/10.5220/0005965102590270, Callegari, C. (ed.), SECRYPT 2016 : Proceedings of the International Conference on Security and Cryptography, 26-28 July, Lisbon, Portugal 2016, 259-270. Setubal : SCITEPRESS, STARTPAGE=259;ENDPAGE=270;TITLE=Callegari, C. (ed.), SECRYPT 2016 : Proceedings of the International Conference on Security and Cryptography, 26-28 July, Lisbon, Portugal 2016, Proceedings of the 13th International Joint Conference on e-Business and Telecommunications: July 26-28, 2016, in Lisbon, Portugal, 4, 259-270, SECRYPT
- Accession number :
- edsair.doi.dedup.....c219d899fb490fa996e45cc23a5662ec