Abstract ======== ChipTAN comfort is a new system which is supposed to securely authorise online banking transactions by means of a trusted device. It is assumed that chipTAN comfort specifically protects against man-in-the-middle attacks. Such attacks are currently putting bank customers who are using the iTAN system at risk. RedTeam Pentesting examined chipTAN comfort and showed that even when using this sys- tem, man-in-the-middle attacks can compromise online banking security. The full paper is available in German and English at http://www.redteam-pentesting.de/publications/MitM-chipTAN-comfort -- RedTeam Pentesting GmbH Tel.: +49 241 963-1300 Dennewartstr. 25-27 Fax : +49 241 963-1304 52068 Aachen http://www.redteam-pentesting.de/ Germany Registergericht: Aachen HRB 14004 Geschäftsführer: Patrick Hof, Jens Liebchen, Claus R. F. Overbeck
Attachment:
pgpliKzcidqBX.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/