Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Full Disclosure: Full-Disclosure

New Paper: MitM Attacks against the chipTAN comfort Online Banking System

  

 
Full Disclosure full-disclosure RSS feed   Index | Next | Previous | View Threaded


release at redteam-pentesting

Nov 24, 2009, 3:50 AM

Post #1 of 1 (242 views)
Permalink
New Paper: MitM Attacks against the chipTAN comfort Online Banking System
Abstract
========
ChipTAN comfort is a new system which is supposed to securely authorise online
banking transactions by means of a trusted device. It is assumed that chipTAN
comfort specifically protects against man-in-the-middle attacks. Such attacks are
currently putting bank customers who are using the iTAN system at risk. RedTeam
Pentesting examined chipTAN comfort and showed that even when using this sys-
tem, man-in-the-middle attacks can compromise online banking security.


The full paper is available in German and English at

http://www.redteam-pentesting.de/publications/MitM-chipTAN-comfort

--
RedTeam Pentesting GmbH Tel.: +49 241 963-1300
Dennewartstr. 25-27 Fax : +49 241 963-1304
52068 Aachen http://www.redteam-pentesting.de/
Germany Registergericht: Aachen HRB 14004
Geschäftsführer: Patrick Hof, Jens Liebchen, Claus R. F. Overbeck

Full Disclosure full-disclosure RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.