Community
Sorry to say that the only way to really get past the Man in the Middle attack is to use a second secure channel to carry out the authentication and a transaction specific authentication. It has to be used not only for transaction auth, but also for setting up new payees, for example.
Otherwise the MiM could simply let you input the auth, then bounce you an error message - Please try again in 15 minutes - while he has full access to your account.
There are a number of MiM resistant auth. solutions out there, Authentify was given the nod by HSBC, while Masabi, the secure mobile developers, have one featuring GrIDsure technology, that still has security even if both the PC and handset are compromised!
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Carlo R.W. De Meijer Owner and Economist at MIFSA
30 June
Steve Wilcockson Technical Product Marketing at Quantexa
27 June
Dmytro Spilka Director and Founder at Solvid, Coinprompter
Eli Talmor CEO at ID-Bound
26 June
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.