Community
I blogged here last August, that it was predicted Man in the Middle attacks would defeat tokens, and sure enough here we go.
"The bank says that its customers opened an email attachment that resulted in a virus being executed on their machines. This virus changed their browsers' behaviour so when they went to open the real ABN Amro online banking site, they were instead re-directed to a spoof site.
The customers then typed in their passwords, which the attacker in turn used to access the bank's real Web site. The customer's own transactions were passed along to the real site, so they didn't notice anything wrong right away, while the attacker simultaneously made their own fraudelent transactions using the bank's urgent payment feature."
One thing that 100% of security experts will tell us, is that there is no universal solution. Security requires a layered approach of a security portfolio comprising multiple solutions. Tokens have been held out as "the" solution, and this simply not true.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Alex Kreger Founder & CEO at UXDA
16 December
Kajal Kashyap Business Development Executive at Itio Innovex Pvt. Ltd.
13 December
Kathy Stares EVP North America at Provenir
11 December
Darren Carvalho Co-Founder and Co-CEO at MetaWealth
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.