Online Authentication Methods Used in Banks and Attacks Against These Methods

Abstract

Growing threats and attacks to online banking security (e.g. phishing, identity theft) motivates most banks to look for and use stronger authentication methods instead of using a normal username and password authentication. The main objective of the research is to identify the most common online authentication methods used widely in international banks and compare it with the methods used in six banks operating in UAE. In addition, this research will cover the current authentication threats and attacks against these methods. Two well-defined comparison matrices [15], one based on characteristics and second one on attack vectors, will be used to examine and assess the authentication methods of those six banks. This paper is different than other studies and works since it will help to identify the common authentication methods used in banks operating in UAE. Moreover, the comparison matrices will help to examine those authentication methods, define their weaknesses, and evaluate them.