How to attack two-factor authentication internet banking

  • Adham M
  • Azodi A
  • Desmedt Y
 et al. 
  • 46


    Mendeley users who have this article in their library.
  • 10


    Citations of this article.


Cyber-criminals have benefited from on-line banking (OB), regardless of the extensive research on financial cyber-security. To better be prepared for what the future might bring, we try to predict how hacking tools might evolve. We briefly survey the state-of-the-art tools developed by black-hat hackers and conclude that automation is starting to take place. To demonstrate the feasibility of our predictions and prove that many two-factor authentication schemes can be bypassed, we developed three browser rootkits which perform the automated attack on the client's computer. Also, in some banks attempt to be regarded as user-friendly, security has been downgraded, making them vulnerable to exploitation. © 2013 Springer-Verlag.

Author-supplied keywords

  • Browser Rootkits
  • Internet Banking
  • Online Banking
  • Two-Factor Authentication

Get free article suggestions today

Mendeley saves you time finding and organizing research

Sign up here
Already have an account ?Sign in

Find this document


  • Manal Adham

  • Amir Azodi

  • Yvo Desmedt

  • Ioannis Karaolis

Cite this document

Choose a citation style from the tabs below

Save time finding and organizing research with Mendeley

Sign up for free