An Analysis of n-factor Authentication in e-Banking Environments

Vila, Jordi AguilĂ ; Serna, Jetzabel; Medina, Manel; Sfakianakis, Andreas
April 2014
Journal of Information Assurance & Security;2014, Vol. 9 Issue 2, p104
Academic Journal
It is envisioned that in the coming years, electronic banking will continue to be the most popular method for conducting financial transactions. Currently, electronic banking allow millions of consumers to interact with their bank accounts from anywhere, anytime and from a wide range of devices that significantly enhance the end-user experience. However, this growth also exposes electronic banking systems to a set of known threats that are migrating from traditional PC-based systems to the mobile-based scenario. Due to the sensitive nature of financial information, security continues to be a major concern that must be properly addressed. In this sense, electronic IDentification and Authentication Methods (eIDAMs) are considered the major barrier that attackers must circumvent to commit fraud. Consequently, the more robust and sophisticated eIDAMs are, the harder to be deceived. Hence, eIDAMs in electronic banking systems are aimed at providing transaction security by minimizing the potential security threats. This paper provides an overview of potential threats and their impact in current electronic banking systems. It analyzes the most commonly implemented eIDAMs by the financial sector in Europe towards performing an overall assessment of their robustness against potential security attacks. Additionally, an analysis of their suitability according to efficiency, usability, costs, operation types and targeted user segments is presented.


Related Articles

  • An Empirical Analysis of Ensemble Systems for Revocable Behavioural Biometric Verification. Damasceno, Marcelo; Canuto, A. M. P. // Journal of Information Assurance & Security;2014, Vol. 9 Issue 4, p186 

    Behavioural Biometric-based authentication systems can be considered as an emergent area in future of the user identification, verification and access control systems. However, there is still much progress to be done in this field, specially related to system security and acceptable accuracy...

  • Security study: Ditch the username and password.  // New Hampshire Business Review;4/17/2015, Vol. 37 Issue 8, p22 

    The article presents a research study concerning the different outcomes to computer usernames and passwords, to the quality of information technology (IT) industries in New Hampshire. The study reveals that telecommunication industries have developed programs to protect and manage...

  • A dynamic identity-based user authentication scheme for remote login systems. Chun-Ta Li; Cheng-Chi Lee; Chi-Yao Weng // Security & Communication Networks;Dec2015, Vol. 8 Issue 18, p3372 

    With the purpose of accessing numerous network resources and services with user anonymity, various dynamic identity (ID)-based user authentication schemes have been proposed. Recently, Khan et al. have pointed out the security weaknesses of the dynamic ID-based user authentication scheme of Wang...

  • Cyber-Security Gaining Ground Among Insurers, But Gaps Remain For Many. Ruquet, Mark E. // National Underwriter / P&C;7/19/2010, Vol. 114 Issue 25, p17 

    The article focuses on a cyber security survey for the financial services industry. The survey says that 36% in the financial services industry view the lack of budget as the main reason why there is no assurance of information security in the industry. It adds that larger firms are considered...

  • IMPROVING SECURITY OF ONLINE BANKING USING RFID. Saleh, Zakaria I. // Academy of Banking Studies Journal;2011, Vol. 10 Issue 2, p1 

    Banks protect customers' security in three main techniques: passwords, encryption, and firewalls/server security. This study develops a module that shall further tighten security of online banking, and improve trust. This study proposed that there is a need for an additional authentication due...

  • An Evaluation of the Effectiveness of E-banking Security Strategies in Zimbabwe: A Case Study of Zimbabwean Commercial Banks. ZIMUCHA, TAFADZWA; ZANAMWE, NGONIDZASHE; CHIMWAYI, KERINA; CHAKWIZIRA, ELIJAH; MAPUNGWANA, PETRONELLA; MADUKU, TINOVIMBANASHE // Journal of Internet Banking & Commerce;Dec2012, Vol. 17 Issue 3, Special section p1 

    The introduction of e-banking has often been believed to be inhibited by security threats among other issues. Few studies have evaluated the effectiveness of e-banking security strategies in spite of its apparent impact on adoption of e-banking. This research evaluated the effectiveness of...

  • PBAC:Provision-based access control model. Kudo, Michiharu // International Journal of Information Security;2002, Vol. 1 Issue 2, p116 

    Over the years a wide variety of access control models and policies have been proposed, and almost all the models have assumed "grant the access request or deny it." They do not provide any mechanism that enables us to bind authorization rules with required operations such as logging and...

  • Dropbox Hacking Details Unveiled.  // Micro Mart;9/12/2013, Issue 1277, p35 

    The article reports on the details of how one could bypass two-factor authentication security in the Dropbox cloud service that were revealed by developers.

  • Understanding Multi-Factor Authentication.  // PC Quest;Aug2012, p89 

    The article provides an overview on the concept of multi-factor authentication.


Read the Article


Sorry, but this item is not currently available from your library.

Try another library?
Sign out of this library

Other Topics