Hot authentication tools
The latest in multi-factor authentication schemes
By Julie Sartain | Network World US | Published: 16:45, 08 February 2012
User name and password doesn't cut it anymore in the world of online financial transactions. New federal rules call for multi-factor authentication schemes to combat growing threats. The latest multi-factor measures focus on biometrics, advanced analytics, and out-of-band techniques utilising smartphones.
Man-in-the-Middle (MITM) attack
Man-in-the-middle attacks use various social engineering techniques to intercept user credentials and commit fraudulent actions completely under the radar. How MITM attacks work:
1. User clicks on link in a phishing email, goes to MITM site and enters credentials (including token-generated one-time password).
2. MITM site connects with bank site and impersonates legitimate user using phished credentials.
3. Bank site grants MITM account access.
4. MITM displays phony page stating system is unavailable, or waits until user wants to log off, then displays phony page confirming log-off.