Please use this identifier to cite or link to this item:
DC FieldValueLanguage
dc.contributor.authorDe La Puente Arrate, Fernandoen_US
dc.contributor.authorSandoval, J. D.en_US
dc.contributor.authorHernández, P.en_US
dc.contributor.authorMolina, C. J.en_US
dc.description.abstractEven though it probably has never happened to us, it is possible to introduce our credit card on an ATM and have it steal the money from our account or access our bank account from a computer and have someone else getting access to it. In the first case we believe that the ATM is a trusted device and will never try to cheat us. In the second case, we believe that our computer provides a safe environment for electronic banking. Although there are a few records in history of ATM fraud, we generally believe that it won't happen to us. However, we all know that computers are not safe and still take the risk. Viruses and trojans (malicious software) can do all this and much more, not only in movies but in the real world. This is possible just because we are giving away all the information needed to access our money instead of keeping them. In the first case we are giving away Our credit card and the PIN (Personal Identification Number) and in the second case we are giving away our login and password/s. Anyone who can intercept this information can successfully pretend to be us and withdraw our money. Digital signature can solve these problems providing the means for validating a user or a given operation without. exposing the data required to do it.. However, the point is not if digital signature is the best way to protect our money, but how to implement the system in a way that is easy to use and safe enough.Here we will propose some possible implementations based on die idea that not only digital Signature is needed but also human interaction is required in order to avoid a classic man-in-the-middle-attack. It is not safe to introduce a smart card on a standard smart card reader, introduce the PIN on the application used to access it, and then expect the application to do exactly what we tell it to do. That would be perfectly fine in a world where we can trust. each Other and we can consider computers to be completely safe from intrusions. But the truth is unfortunately far from being like that and so we need to look for new ways to protect us from this kind of attacks.Several hardware devices will be Proposed based on a basic structure where we have a display, some Way to input data (such as a keyboard or a few buttons) and some way to communicate with any computer.en_US
dc.publisherInstitute of Electrical and Electronics Engineers (IEEE)en_US
dc.relation.ispartofProceedings - International Carnahan Conference on Security Technologyen_US
dc.source39Th Annual 2005 International Carnahan Conference On Security Technology, Proceedings [ISSN 0737-1160], p. 174-177, 2005en_US
dc.subject33 Ciencias tecnológicasen_US
dc.titleImproving online banking security with hardware devicesen_US
dc.relation.conference39th Annual 2005 International Carnahan Conference on Security Technology, CCST'05en_US
dc.investigacionIngeniería y Arquitecturaen_US
dc.type2Actas de congresosen_US
dc.contributor.wosstandardWOS:Puente, F-
dc.contributor.wosstandardWOS:Sandoval, JD-
dc.contributor.wosstandardWOS:Hernandez, P-
dc.contributor.wosstandardWOS:Molina, CJ- 2005en_US
item.fulltextSin texto completo-
crisitem.event.eventsenddate14-10-2005- IUMA: Equipos y Sistemas de Comunicación- de Microelectrónica Aplicada- de Ingeniería Telemática- IUMA: Equipos y Sistemas de Comunicación- de Microelectrónica Aplicada- de Ingeniería Telemática- IUMA: Sistemas de Información y Comunicaciones- de Microelectrónica Aplicada- de Ingeniería Telemática- de Microelectrónica Aplicada- de Microelectrónica Aplicada- de Microelectrónica Aplicada- La Puente Arrate, Fernando- González, Juan Domingo-ández Morera, Pablo Vicente-
Appears in Collections:Actas de congresos
Show simple item record

Google ScholarTM




Export metadata

Items in accedaCRIS are protected by copyright, with all rights reserved, unless otherwise indicated.