Lessons from the Norwegian ATM System

Authors:
Kjell J. Hole;Vebjørn Moen;André N. Klingsheim;Knut M. Tande
Affiliations:
University of Bergen, Norway;University of Bergen, Norway;University of Bergen, Norway;University of Bergen, Norway
Venue:
IEEE Security and Privacy
Year:
2007

Citing 2
Cited 3

Why cryptosystems fail

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Case Study: Online Banking Security

IEEE Security and Privacy

A Proof of Concept Attack against Norwegian Internet Banking Systems

Financial Cryptography and Data Security
A Calculus to Detect Guessing Attacks

ISC '09 Proceedings of the 12th International Conference on Information Security
A formal approach for automated reasoning about off-line and undetectable on-line guessing

FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

This case study focuses on real-world ATM card misuse, illustrating how too much secrecy led to a deterioration of PIN-based authentication procedures, and why a bank's refusal to share technical information is a threat to a customer during a conflict.