Robbing Banks with Their Own Software-an Exploit Against Norwegian Online Banks

14 years 26 days ago

Download www.nowires.org

Abstract The banking industry in Norway has developed a new security infrastructure for conducting commerce on the Internet. The initiative, called BankID, aims to become a national ID infrastructure supporting services such as authentication and digital signatures for the entire Norwegian population. This paper describes a man-in-the-middle vulnerability in online banking applications using BankID. An exploit has been implemented and successfully run against two randomly chosen online banking systems to demonstrate the seriousness of the attack. Key words: Public-key infrastructure, man-in-the-middle attack, online banking

Yngve Espelid, Lars-Helge Netland, André N.

Real-time Traffic

National Id Infrastructure | Online Banking | Online Banking Applications | SEC 2008 | Security Privacy |

claim paper

Post Info
More Details (n/a)

Added	30 Oct 2010
Updated	30 Oct 2010
Type	Conference
Year	2008
Where	SEC
Authors	Yngve Espelid, Lars-Helge Netland, André N. Klingsheim, Kjell Jørgen Hole

Comments (0)

Sciweavers

Robbing Banks with Their Own Software-an Exploit Against Norwegian Online Banks

National Id Infrastructure | Online Banking | Online Banking Applications | SEC 2008 | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers