A survey on multi-factor authentication for online banking in the wild

Federico Sinigaglia (Corresponding author), Roberto Carbone (Corresponding author), Gabriele Costa (Corresponding author), Nicola Zannone (Corresponding author)

Onderzoeksoutput: Bijdrage aan tijdschriftTijdschriftartikelAcademicpeer review

Samenvatting

In recent years, the usage of online banking services has considerably increased. To protect the sensitive resources managed by these services against attackers, banks have started adopting Multi-Factor Authentication (MFA). To date, a variety of MFA solutions have been implemented by banks, leveraging different designs and features and providing a non-homogeneous level of security and user experience. Public and private authorities have defined laws and guidelines to guide the design of more secure and usable MFA solutions, but their influence on existing MFA implementations remains unclear. In this work, we present a latitudinal study on the adoption of MFA and the design choices made by banks operating in different countries. In particular, we evaluate the MFA solutions currently adopted in the banking sector in terms of (i) compliance with laws and best practices, (ii) robustness against attacks and (iii) complexity. We also investigate possible correlations between these criteria. Based on this study, we identify a number of lessons learned and open challenges.

Originele taal-2Engels
Artikelnummer101745
Aantal pagina's30
TijdschriftComputers and Security
Volume95
DOI's
StatusGepubliceerd - aug 2020

Vingerafdruk Duik in de onderzoeksthema's van 'A survey on multi-factor authentication for online banking in the wild'. Samen vormen ze een unieke vingerafdruk.

  • Citeer dit