Online citations, reference lists, and bibliographies.

A Survey On Multi-factor Authentication For Online Banking In The Wild

F. Sinigaglia, R. Carbone, Gabriele Costa, Nicola Zannone
Published 2020 · Computer Science

Cite This
Download PDF
Analyze on Scholarcy
Share
Abstract In recent years, the usage of online banking services has considerably increased. To protect the sensitive resources managed by these services against attackers, banks have started adopting Multi-Factor Authentication (MFA). To date, a variety of MFA solutions have been implemented by banks, leveraging different designs and features and providing a non-homogeneous level of security and user experience. Public and private authorities have defined laws and guidelines to guide the design of more secure and usable MFA solutions, but their influence on existing MFA implementations remains unclear. In this work, we present a latitudinal study on the adoption of MFA and the design choices made by banks operating in different countries. In particular, we evaluate the MFA solutions currently adopted in the banking sector in terms of (i) compliance with laws and best practices, (ii) robustness against attacks and (iii) complexity. We also investigate possible correlations between these criteria. Based on this study, we identify a number of lessons learned and open challenges.
This paper references
10.5220/0006438504800485
Strong Authentication for e-Banking: A Survey on European Regulations and Implementations
Federico Sinigaglia (2017)
10.1007/3-540-61042-1_43
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
G. Lowe (1996)
10.14722/USEC.2014.23025
Two-Factor or not Two-Factor? A Comparative Usability Study of Two-Factor Authentication
Emiliano De Cristofaro (2013)
10.1016/J.CLSR.2015.12.004
Data security and multi-factor authentication: Analysis of requirements under EU law and in selected EU Member States
E. Kennedy (2016)
10.1007/978-3-642-38631-2_63
Formal Modeling and Automatic Security Analysis of Two-Factor and Two-Channel Authentication Protocols
Alessandro Armando (2013)
10.14722/USEC.2015.23001
"They brought in the horrible key ring thing!" Analysing the Usability of Two-Factor Authentication in UK Online Banking
K. Krol (2015)
Security Analysis of Mobile Two-Factor Authentication Schemes
A. Dmitrienko (2014)
10.5220/0006650501490160
On App-based Matrix Code Authentication in Online Banking
Vincent Haupert (2018)
10.1145/1656274.1656278
The WEKA data mining software: an update
M. Hall (2009)
10.1016/j.cose.2008.09.008
User perceptions of security, convenience and usability for ebanking authentication tokens
Catherine S. Weir (2009)
10.1201/9781498710411-35
SUS - A quick and dirty usability scale
J. Brooke (2006)
10.1007/978-3-319-89722-6_8
Design, Formal Specification and Analysis of Multi-Factor Authentication Solutions with a Single Sign-On Experience
Giada Sciarretta (2018)
10.2307/1164825
Applied statistics for the behavioral sciences
D. Hinkle (1979)
10.1016/j.intcom.2009.10.001
Usable security: User preferences for authentication methods in eBanking and the effects of experience
Catherine S. Weir (2010)
10.1109/MSP.2011.144
The Case for Mobile Two-Factor Authentication
Dimitri do B. DeFigueiredo (2011)
10.1007/978-3-642-31284-7_1
Security Analysis of a Multi-factor Authenticated Key Exchange Protocol
Feng Hao (2012)
10.2139/SSRN.1988503
Internet Banking: Developments and Prospects
K. Furst (2000)
10.1145/3002170
A Survey of Authentication and Communications Security in Online Banking
Sven Kiljan (2016)



This paper is referenced by
Semantic Scholar Logo Some data provided by SemanticScholar