Anti-keylogging measures for secure Internet login: An example of the law of unintended consequences
Authors
Abstract
Traditional authentication systems used to protect access to online services (such as passwords) are vulnerable to compromise via the introduction of a keystroke logger to the service user’s computer. This has become a particular problem now that many malicious programs have keystroke logging capabilities. When banks first introduced online banking services they realised this, and added features to protect users against keystroke logging. In this paper we show, using a real online banking system as an example, that if these features are incorrectly implemented they can potentially allow an attacker to bypass them completely and gain access to a user’s bank account. The vulnerability was initially noticed in a particular Online Banking Service, but any system implemented in the way we describe is equally vulnerable.
Similar resources
How To Login From an Internet Café Without Worrying About Keyloggers
Roaming users who use untrusted machines to access password protected accounts have few good options. An internet café machine can easily be running a keylogger. The roaming user has no reliable way of determining whether it is safe, and has no alternative to typing the password. We describe a simple trick the user can employ that is entirely effective in concealing the password. We verify its ...
A secure email login system using virtual password
In today’s world password compromise by some adversaries is common for different purpose. In ICC 2008 Lei et al. proposed a new user authentication system based on the virtual password system. In virtual password system they have used linear randomized function to be secure against identity theft attacks, phishing attacks, keylogging attack and shoulder surfing system. In ICC 2010 Li’s given a ...
Criminological Analysis of the Anti-Smuggling of Goods and Currency Law "Adopted in 1392"
Smuggling commodities and currencies, as a social and economic phenomenon, have very adverse economic effects. The smuggling of goods and the importance of fighting them, organizing the status of border exchanges, moving towards a transparent economy and adapting the behavior of regulatory bodies are among the most important operational axes to combat smuggling of goods. In this article, after ...
Unintended Consequences of Hospital Payment: The Case of Swiss Diagnosis Related Groups
Background: In 2012, Switzerland changed from retrospective to prospective hospital payment based on diagnosis related groups (DRGs), following the example of the United States, Australia, and Germany. As in these countries, the objective of this transition was to motivate hospitals to improve efficiency by making them bear financial risk to some extent. Objective:...
An Efficient Secret Sharing-based Storage System for Cloud-based Internet of Things
Internet of things (IoTs) is the newfound information architecture based on the internet that develops interactions between objects and services in a secure and reliable environment. As the availability of many smart devices rises, secure and scalable mass storage systems for aggregate data is required in IoTs applications. In this paper, we propose a new method for storing aggregate data in Io...
Journal title:
- Computers & Security
Volume 26, Issue
Pages -
Publication date 2007