Identificador persistente para citar o vincular este elemento: http://hdl.handle.net/10553/51895
Título: Improving online banking security with hardware devices
Autores/as: De La Puente Arrate, Fernando 
Sandoval, J. D. 
Hernández, P. 
Molina, C. J.
Clasificación UNESCO: 33 Ciencias tecnológicas
Fecha de publicación: 2005
Editor/a: Institute of Electrical and Electronics Engineers (IEEE) 
Publicación seriada: Proceedings - International Carnahan Conference on Security Technology 
Conferencia: 39th Annual 2005 International Carnahan Conference on Security Technology, CCST'05 
Resumen: Even though it probably has never happened to us, it is possible to introduce our credit card on an ATM and have it steal the money from our account or access our bank account from a computer and have someone else getting access to it. In the first case we believe that the ATM is a trusted device and will never try to cheat us. In the second case, we believe that our computer provides a safe environment for electronic banking. Although there are a few records in history of ATM fraud, we generally believe that it won't happen to us. However, we all know that computers are not safe and still take the risk. Viruses and trojans (malicious software) can do all this and much more, not only in movies but in the real world. This is possible just because we are giving away all the information needed to access our money instead of keeping them. In the first case we are giving away Our credit card and the PIN (Personal Identification Number) and in the second case we are giving away our login and password/s. Anyone who can intercept this information can successfully pretend to be us and withdraw our money. Digital signature can solve these problems providing the means for validating a user or a given operation without. exposing the data required to do it.. However, the point is not if digital signature is the best way to protect our money, but how to implement the system in a way that is easy to use and safe enough.Here we will propose some possible implementations based on die idea that not only digital Signature is needed but also human interaction is required in order to avoid a classic man-in-the-middle-attack. It is not safe to introduce a smart card on a standard smart card reader, introduce the PIN on the application used to access it, and then expect the application to do exactly what we tell it to do. That would be perfectly fine in a world where we can trust. each Other and we can consider computers to be completely safe from intrusions. But the truth is unfortunately far from being like that and so we need to look for new ways to protect us from this kind of attacks.Several hardware devices will be Proposed based on a basic structure where we have a display, some Way to input data (such as a keyboard or a few buttons) and some way to communicate with any computer.
URI: http://hdl.handle.net/10553/51895
ISBN: 0-7803-9245-0
ISSN: 1071-6572
DOI: 10.1109/CCST.2005.1594874
Fuente: 39Th Annual 2005 International Carnahan Conference On Security Technology, Proceedings [ISSN 0737-1160], p. 174-177, 2005
Colección:Actas de congresos
Vista completa

Google ScholarTM

Verifica

Altmetric


Comparte



Exporta metadatos



Los elementos en ULPGC accedaCRIS están protegidos por derechos de autor con todos los derechos reservados, a menos que se indique lo contrario.