nexus portwise - internet banking frauds - evolution and solutions - siliconindia security...

Upload: ltejas

Post on 08-Apr-2018


  • 8/7/2019 Nexus PortWise - Internet Banking Frauds - Evolution and Solutions - SiliconIndia Security Conference 2011, Mumbai

    Slide 1/20 (title slide; no further extracted text)

  • Slide 2/20 (image only; no extracted text)

  • Slide 3/20: WHAT KEEPS USERS AWAY?

    [Bar chart, survey years 2005 to 2008, share of respondents per reason for staying away from online banking, x-axis 0% to 60%. Reasons: "I fear that my account information will be viewed by an unauthorized party"; "I prefer dealing with" (label cut off in the extraction); "I do not want to pay a fee"; "I do not find online banking valuable". Source: Javelin Strategy and Research, August 2008]

  • Slide 4/20: Identity Fraud Evolution and Solutions

    SiliconIndia Security Conference 2011, Mumbai

  • Slide 5/20: Agenda

    Attack vectors
    - Phishing
    - Man-in-the-middle (MITM) attacks
    - Malware

    Solutions
    - One-time passwords
    - Transaction signatures
    - Endpoint assessment

    Summary

  • Slide 6/20: Phishing (image only)

  • Slide 7/20: Pharming

    [Diagram: the User's browser requests http://www.nicebank.com; the DNS Server (Local or ISP) has been manipulated by the Attacker, so the lookup resolves to the Fake Website www.n1cebank.com instead of the genuine Website www.nicebank.com]

  • Slide 8/20: Smishing (image only)

  • Slide 9/20: Vishing (image only)

  • Slide 10/20: Two factor authentication

    Something the user has

    Strengths
    - Compromised user credentials less valuable for attacker
    - Break down the traditional economic model of phishing attacks

  • Slide 11/20: Types of one-time passwords

    - Counter-based one-time passwords
    - Time-based one-time passwords
    - Challenge-based one-time passwords
    - Mutual authentication one-time passwords
    - Out-of-Band one-time passwords

  • Slide 12/20: OATH (Open Authentication)

    - A group of technology and industry leaders
    - 60+ members
    - Open and royalty-free specifications
    - Promote interoperability

    Benefits
    - Standardization drives down cost
    - Prevents vendor lock-in

  • Slide 13/20: MITM / MITB attacks

    Man-in-the-middle attack (End-User John → Browser → NetBanking Server):
    1. John, pswd
    2. OTP
    3. $500 to Bob

    Man-in-the-browser attack (Banking Trojan running on the End-User's Computer):
    - What John enters in the browser: 1. John, pswd; 2. OTP; 3. $500 to Bob
    - What the Banking Trojan passes on to the NetBanking Server: 1. John, pswd; 2. OTP; 3. $5000 to Bill

  • Slide 14/20: Transaction Signing Soft Tokens

    Signature = cryptographic Message Authentication Code

    Transaction signature flow (left column: On Internet Banking; right column: On the software token):
    1. Enter Account no: 0243758 is entered on the banking site and into the token
    2. Enter Amount: 500.00 (the token now holds 0243758, 500.00)
    3. Generate Signature: the token computes afcbff100 over 0243758, 500.00
    4. Seal Transaction with Signature: 0243758, 500.00, afcbff100 are submitted and stored in Audit Log for verification
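    The following is an added example, not code from the deck or from Nexus PortWise, showing how the signature flow on this slide defeats the man-in-the-browser rewrite from slide 13: the soft token computes an HMAC over the account number and amount, and the bank recomputes it over the fields it actually received, so a rewritten payee or amount fails verification. The seed, the 9-hex-digit truncation, the field encoding and the attacker's account number 9999999 are constructed for the example.

```python
import hmac
import hashlib
from decimal import Decimal

# Constructed demo seed: the per-user secret shared only by the soft token and the bank's verifier.
TOKEN_SEED = bytes.fromhex("00112233445566778899aabbccddeeff")
# Display length chosen to match the slide's short value ("afcbff100"); a truncated
# MAC relies on the server rate-limiting failed verifications.
SIGNATURE_HEX_DIGITS = 9


def canonical_transaction(account_no: str, amount: str) -> bytes:
    """Encode the fields typed into the token in one fixed, unambiguous form."""
    # "500", "500.0" and "500.00" sign identically, so a mismatch can only come
    # from a real change of account or amount, never from formatting.
    amount_norm = format(Decimal(amount).quantize(Decimal("0.01")), "f")
    return f"{account_no}|{amount_norm}".encode()


def generate_signature(seed: bytes, account_no: str, amount: str) -> str:
    """Soft-token side: MAC over destination account and amount (the slide's 'Generate Signature' step)."""
    # The slide signs only these two fields; also binding a per-transaction counter or server
    # challenge (the counter/challenge OTP types on slide 11) would stop replay of a captured signature.
    mac = hmac.new(seed, canonical_transaction(account_no, amount), hashlib.sha256)
    return mac.hexdigest()[:SIGNATURE_HEX_DIGITS]


def verify_signature(seed: bytes, account_no: str, amount: str, signature: str) -> bool:
    """Bank side: recompute over the fields the server actually received."""
    expected = generate_signature(seed, account_no, amount)
    return hmac.compare_digest(expected, signature)


def process_transfer(seed, account_no, amount, signature, audit_log):
    """Seal the transaction only when the signature matches; log every attempt for verification."""
    accepted = verify_signature(seed, account_no, amount, signature)
    audit_log.append({"account": account_no, "amount": amount,
                      "signature": signature, "accepted": accepted})
    return accepted


def demo():
    audit_log = []
    # John signs the slide's example transfer: 500.00 to account 0243758 (Bob).
    sig = generate_signature(TOKEN_SEED, "0243758", "500.00")
    honest = process_transfer(TOKEN_SEED, "0243758", "500.00", sig, audit_log)
    # A man-in-the-browser rewrites it to 5000.00 to Bill (constructed account 9999999)
    # but can only forward the signature John computed for Bob's transfer.
    tampered = process_transfer(TOKEN_SEED, "9999999", "5000.00", sig, audit_log)
    return honest, tampered, audit_log
```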

  • Slide 15/20: Risk levels (NIST SP 800-63-1)

    [Chart positioning the authentication technologies KBA, OTP, PKI and OOB against the risk levels Minimal, Low, Medium and High; the exact placement is not recoverable from the extracted text]

  • Slide 16/20: Security Industry in 2001 / Security Industry in 2011 (images only)

  • Slide 17/20: Trojans / Malware (image only)

  • Slide 18/20: Endpoint Assessment

    - Endpoint Security Assessment
    - Session Clean-Up

    [Diagram: POLICY → SCAN → COMPARE]
    - POLICY: Personal Firewall, Anti-Virus, Spyware, Patches
    - SCAN: Inventory Device using File Scan, Process Scan, Registry Scan, OS Scan
    - COMPARE: Compare device scan with access policy; outcome Allow, Partial Pass or Decline

  • Slide 19/20: Summary

    - Sophistication of identity fraud schemes is increasing
    - Authentication deployments are converging to:
      - Hybrid solutions: >1 authentication method per end-user
      - Risk-based authentication
      - Endpoint security assessment
    - Choose a technology that
      - Does not lock you in
      - Provides the entire solution from authentication to endpoint assessment to abolishment

  • Slide 20/20: Questions and Answers

    E-mail: [email protected]
    +91 99229 39931
    Twitter: @Ltejas