J. A. Vila, J. Serna-Olvera, Luis Fernandez, Manuel Medina, Andreas Sfakianakis
{"title":"电子银行认证的专业观点:挑战与建议","authors":"J. A. Vila, J. Serna-Olvera, Luis Fernandez, Manuel Medina, Andreas Sfakianakis","doi":"10.1109/ISIAS.2013.6947731","DOIUrl":null,"url":null,"abstract":"In current e-banking systems, millions of consumers are now able to conduct financial transactions using a wide range of mobile devices; this growth exposes the system not only to the set of known threats that are now migrating from traditional PC-based e-banking to the mobile-based scenario, but, to emerging threats specifically targeting mobile devices. Considering the sensitive nature of the financial information managed, security in mobile devices has become a major issue. Thus, to be able to provide transaction security, and minimize the potential threats, e-banking systems must implement robust identification and authentication systems (eIDAS). Therefore, this paper analyzes current threats in e-banking. It presents a brief review on the current state of the art analyzing the most popular eIDAS implemented in Europe, through a survey launched by ENISA addressed to security professionals of the financial sector. The most common eIDAS approaches for e-banking, and their suitability against the known threats in terms of related incidents and financial loss, are therefore assessed. Finally, a set of challenges and recommendations to be considered in any eIDAS implementation is introduced.","PeriodicalId":370107,"journal":{"name":"2013 9th International Conference on Information Assurance and Security (IAS)","volume":"16 8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"A professional view on ebanking authentication: Challenges and recommendations\",\"authors\":\"J. A. Vila, J. Serna-Olvera, Luis Fernandez, Manuel Medina, Andreas Sfakianakis\",\"doi\":\"10.1109/ISIAS.2013.6947731\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In current e-banking systems, millions of consumers are now able to conduct financial transactions using a wide range of mobile devices; this growth exposes the system not only to the set of known threats that are now migrating from traditional PC-based e-banking to the mobile-based scenario, but, to emerging threats specifically targeting mobile devices. Considering the sensitive nature of the financial information managed, security in mobile devices has become a major issue. Thus, to be able to provide transaction security, and minimize the potential threats, e-banking systems must implement robust identification and authentication systems (eIDAS). Therefore, this paper analyzes current threats in e-banking. It presents a brief review on the current state of the art analyzing the most popular eIDAS implemented in Europe, through a survey launched by ENISA addressed to security professionals of the financial sector. The most common eIDAS approaches for e-banking, and their suitability against the known threats in terms of related incidents and financial loss, are therefore assessed. Finally, a set of challenges and recommendations to be considered in any eIDAS implementation is introduced.\",\"PeriodicalId\":370107,\"journal\":{\"name\":\"2013 9th International Conference on Information Assurance and Security (IAS)\",\"volume\":\"16 8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 9th International Conference on Information Assurance and Security (IAS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISIAS.2013.6947731\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 9th International Conference on Information Assurance and Security (IAS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISIAS.2013.6947731","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A professional view on ebanking authentication: Challenges and recommendations
In current e-banking systems, millions of consumers are now able to conduct financial transactions using a wide range of mobile devices; this growth exposes the system not only to the set of known threats that are now migrating from traditional PC-based e-banking to the mobile-based scenario, but, to emerging threats specifically targeting mobile devices. Considering the sensitive nature of the financial information managed, security in mobile devices has become a major issue. Thus, to be able to provide transaction security, and minimize the potential threats, e-banking systems must implement robust identification and authentication systems (eIDAS). Therefore, this paper analyzes current threats in e-banking. It presents a brief review on the current state of the art analyzing the most popular eIDAS implemented in Europe, through a survey launched by ENISA addressed to security professionals of the financial sector. The most common eIDAS approaches for e-banking, and their suitability against the known threats in terms of related incidents and financial loss, are therefore assessed. Finally, a set of challenges and recommendations to be considered in any eIDAS implementation is introduced.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
