Featured Research

from universities, journals, and other organizations

Cardiff Researchers Discover Online Banking Security Problem

Date:
August 10, 2006
Source:
Cardiff University
Summary:
Two researchers working within Cardiff University's School of Computer Science, Professor Antonia J Jones and Joseph R Rabaiotti, together with a third independent researcher Stuart P Goring, have today released details of a problem with HSBC's online banking system. The bank was informed of the issue prior to publication.

Two researchers working within Cardiff University's School of Computer Science, Professor Antonia J Jones and Joseph R Rabaiotti, together with a third independent researcher Stuart P Goring, have today released details of a problem with HSBC's online banking system. The bank was informed of the issue prior to publication.

Related Articles


The researchers demonstrated (without in any way hacking, or even entering, the system) that the problem they observed, together with the illegal use of a keylogger (a device which records keystrokes and can later play them back), would in principle allow an attacker to gather all the necessary information required to enter any customer account.

HSBC and Cardiff University are now working together to address a number of issues raised by this research.

No illegal access took place during this research. It is generally assumed that to be in a position to prove that a gatekeeper system has a weakness one must have broken the law. However, the researchers were able to demonstrate that this is not the case. In this case they showed that by perfectly proper use of the system (a legal log-in which fails due to a typing error) and by intelligent observation one can logically prove a weakness without even passing the gatekeeper or entering the system. While they were able to do this because of a rather trivial problem, an interesting point of principle has been established and a significant loophole identified.

Professor Jones said: "What is truly amazing about this particular problem is that it apparently has not been illegally exploited for at least two years, during which time all user accounts were in principle open to the access procedure we describe.

"This fact alone raises some serious questions about the wisdom of having any sensitive system online and about online banking in general."


Story Source:

The above story is based on materials provided by Cardiff University. Note: Materials may be edited for content and length.


Cite This Page:

Cardiff University. "Cardiff Researchers Discover Online Banking Security Problem." ScienceDaily. ScienceDaily, 10 August 2006. <www.sciencedaily.com/releases/2006/08/060810211259.htm>.
Cardiff University. (2006, August 10). Cardiff Researchers Discover Online Banking Security Problem. ScienceDaily. Retrieved March 6, 2015 from www.sciencedaily.com/releases/2006/08/060810211259.htm
Cardiff University. "Cardiff Researchers Discover Online Banking Security Problem." ScienceDaily. www.sciencedaily.com/releases/2006/08/060810211259.htm (accessed March 6, 2015).

Share This


More From ScienceDaily



More Computers & Math News

Friday, March 6, 2015

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Star Wars-Inspired Prototype Creates Holographic Display

Star Wars-Inspired Prototype Creates Holographic Display

Reuters - Innovations Video Online (Mar. 5, 2015) — A prototype holographic display named Leia - after the Star Wars princess who appeared in holographic form asking Obi-Wan Kenobu for help - is demonstrated at the Mobile World Congress in Barcelona. Matthew Stock reports. Video provided by Reuters
Powered by NewsLook.com
IKEA and Samsung Launch Embedded Wireless Charging Range

IKEA and Samsung Launch Embedded Wireless Charging Range

Reuters - Innovations Video Online (Mar. 5, 2015) — Samsung and IKEA hope their new embedded wireless charging products, launched at Barcelona&apos;s Mobile World Congress, will tempt consumers eager for plugless power. Jim Drury reports. Video provided by Reuters
Powered by NewsLook.com
Samsung Unveils $30,000 'Dream Doghouse'

Samsung Unveils $30,000 'Dream Doghouse'

Buzz60 (Mar. 5, 2015) — On display at the Crufts dog show in England, the &apos;dog kennel of the future&apos; comes with features like a doggie treadmill and Samsung tablet. Mike Janela (@mikejanela) has more. Video provided by Buzz60
Powered by NewsLook.com
Doctor in Your Pocket Is Getting Smarter

Doctor in Your Pocket Is Getting Smarter

Reuters - Business Video Online (Mar. 5, 2015) — Mobile apps are turning smartphones into a personal doctors, with users able to measure heart rate, blood pressure and even blood sugar. But will it change our behaviour? Ivor Bennett reports from the Mobile World Congress in Barcelona. Video provided by Reuters
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:

Strange & Offbeat Stories

 

Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:  

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile iPhone Android Web
Follow Facebook Twitter Google+
Subscribe RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins