Sciweavers

BIRTHDAY
2016
Springer

SpoofKiller: You Can Teach People How to Pay, but Not How to Pay Attention

8 years 8 months ago
SpoofKiller: You Can Teach People How to Pay, but Not How to Pay Attention
We describe a novel approach to reduce the impact of spoofing by a subtle change in the login process. At the heart of our contribution is the understanding that current anti-spoof technologies fail largely as a result of the difficulties to communicate security and risk to typical users. Accordingly, our solution is oblivious to whether the user was tricked by a fraudster or not. We achieve that by modifying the user login process, and letting the browser or operating system cause different results of user login requests, based on whether the site is trusted or not. Experimental results indicate that our new approach, which we dub “SpoofKiller”, will address approximately 80% of spoofing attempts. Free licenses to the technology are offered by the organization owning it, and serious discussions with a major OS vendor have been initiated, with the goal of protecting payments made from apps running on their platform.
Markus Jakobsson, Hossein Siadati
Added 30 Mar 2016
Updated 30 Mar 2016
Type Journal
Year 2016
Where BIRTHDAY
Authors Markus Jakobsson, Hossein Siadati
Comments (0)