The banking industry in Norway has developed a new security infrastructure for conducting commerce on the Internet. The initiative, called BankID, aims to become a national ID infrastructure supporting services such as authentication and digital signatures for the entire Norwegian population. This paper describes a man-in-the-middle vulnerability in online banking applications using BankID. An exploit has been implemented and successfully run against two randomly chosen online banking systems to demonstrate the seriousness of the attack. © 2008 Springer Science+Business Media, LLC.
CITATION STYLE
Espelid, Y., Netland, L. H., Klingsheim, A. N., & Hole, K. J. (2008). Robbing banks with their own software - An exploit against norwegian online banks. In IFIP International Federation for Information Processing (Vol. 278, pp. 63–77). Springer New York. https://doi.org/10.1007/978-0-387-09699-5_5
Mendeley helps you to discover research relevant for your work.