Slashdot Mirror


One-Time Pads To Protect Electronic Bank Access

dummkopf writes "CNN reports how Scandinavian banks issue one-time passwords to protect customers' accounts when these use the same password for other, i.e., more insecure email accounts. Having a bank account in the U.S. (with a trusted and well known Bank OF nAtional reach) I always wondered why the security was soooo poor: while it has changed slightly now (better usernames/passwords) it used to be the case that your username was your SSN and your password a number code (!). I am sure most of you will agree with me that this is scary... I live now in Switzerland where one-time passwords for online banking are a must and where my current bank is one of the 'crappy' ones with a little card with one-time passwords like mentioned in the CNN Story. The nicer ones even give you credit-card-size RSA password generator which is combined with a calculator you can keep in your pocket. Hence my question: are others also worried about poor security of online banking in the U.S.? Are there banks which are better than the ones mentioned above?"

27 of 345 comments

  1. Nothing New. by MKalus · · Score: 4, Informative

    Banks in Germany always required you to have:

    Login & Password.

    And then for EACH transaction a TAN (TransActionNumber) which was a one time password that they mailed to you in a batch of I think 25.

    So in order to complete a transaction you not only needed the username and Password but also a TAN.

    More secure than they do it here, where you just log in and then it's a free for all.

    --
    If you want to e-mail me, use my PGP Key.
    1. Re:Nothing New. by Apogee · · Score: 4, Informative
      As the person who originally posted the story, I am living in Switzerland, so I can maybe provide a little insight into the mechanics of the system.

      It's been a while since my nice bank has switched from the TAN system to the calculator/login device + chip card, but if I remember it right, it's not only the TAN that authenticates you, it's your user name (or more precisely, your account number - after all, we're in Switzerland, the home of numbered accounts) and a password of your own choice, plus the current TAN, used only once. This seems to me to be a pretty good system, as you prove your identity by:
      • knowing your account number
      • knowing your personal, secret password
      • knowing the current, one-time-pad TAN

      With the login device I am using now, you need to:
      • know your account number
      • possess the chip card
      • unlock the chip card with a PIN of your choosing (and 3 bad tries block the card forever)
      • read a challenge off the login screen, and type it into the login device
      • post back the response the login device generates

      Knowledge of any one of these is useless; you need all of them, so I think the system is pretty secure. Frankly, I was slightly mystified to read that US banks rely on only one token of authentication ... I would have imagined systems similar to the ones I described are commonplace. Seems I was wrong.
  2. Not a one-time pad by kzinti · · Score: 5, Informative

    Single-use passwords are not the same thing as a one-time pad, which is a form of encryption. However, one-time passwords do sound like a good idea. Given reasonably good encryption like in SSL, then password management becomes a weak point - which this scheme addresses. (Just parroting Schneier, and wondering if this scheme will get mention in the next Crypto-gram newsletter.)

    1. Re:Not a one-time pad by ryanwright · · Score: 5, Informative

      One time passwords are fine for the average Joe. But this article is silly:

      But it's difficult to remember dozens of strong passwords -- so many sites now require them.

      Whatever. You simply need a pattern combined with "phrases" that only you know. For instance, your phrase could be "Jack and Jill went up the hill", so your password would be, "JJW!TH". Then you add a number to it that you can remember, for instance, the last four of your phone number reversed. So JJW!TH9834. Now throw in something unique from each site you visit. Take Google, perhaps Jack and Jill don't go up the hill, they go to Google: JJW!TGGL9834. Or on Hotmail, perhaps Hotmail went up the hill: HMW!TH9834. Mix and match for various web sites.

      Easy to remember, extremely difficult to break. Secure enough for most anything us common folk would do - including online banking - and not such a hassle as carrying around scratch-off cards or RSA keys everywhere you go.

      --
      -Ryan, with the unoriginal sig
  3. In the Netherlands too.. by derekb · · Score: 2, Informative

    I have the same thing in the netherlands with ABN, a 'pin pad' that I pop my card into. I type in my PIN to authenticate, then the challenge the bank website gives me, then the pin pad returns a result I type in to perform a log in or a payment/transfer. .. don't let your kids play with it.. you'll find yourself locked out of your bank card haha

  4. Misleading headline by Anonymous Coward · · Score: 3, Informative

    The article in question is describing a one-time password, but not a one-time pad. A one-time pad must be as long as the message being encrypted.

  5. One time password not one time Pad. by mindstrm · · Score: 5, Informative

    A scratch-off password list is a password scheme.

    a One-time pad is an encryption algorithm.

    The two have basically nothing to do with each other.

    A one time pad:

    Generate a random pattern of bits of the same length as the plaintext. XOR the two. The resulting ciphertext and the random field are now both required to re-generate the plaintext (to call one the ciphertext and one the key is wrong too; they are both statistically equivalent).

    Both are also completely useless by themselves, and truly totally, provably, unbreakable.

    This is the only form of unbreakable encryption.

    The moment you use a pad more than once, though, it ceases to be a one-time pad, and is breakable.

    1. Re:One time password not one time Pad. by nacturation · · Score: 4, Informative
      This is available on FreeBSD and likely other *nix systems out there as well. Here's the nutshell overview for the über-grokkers.

      Adding your login to the database of one-time passwords and displaying the first login password:
      $ opiepasswd -c
      Adding dlavigne6:
      Only use this method from the console; NEVER from remote. If you are using
      telnet, xterm, or a dial-in, type ^C now or exit with no password.
      Then run opiepasswd without the -c parameter.
      Using MD5 to compute responses.
      Enter new secret pass phrase:
      Secret pass phrases must be between 10 and 127 characters long.
      Enter new secret pass phrase:
      Again new secret pass phrase:

      ID dlavigne6 OTP key is 499 dh0391
      CHUG ROSA HIRE MALT DEBT EBEN
      "499" is the counter, "dh0391" is the seed. Combined with the password, you can generate additional logins from any computer, on- or offline. Generating additional login passwords:
      $ opiekey 498 dh0391
      Using the MD5 algorithm to compute response.
      Reminder: Don't use opiekey from telnet or dial-in sessions.
      Enter secret pass phrase:
      MASK BALM COL HER RIFT TERM

      $ opiekey -n 10 497 dh0391

      Using the MD5 algorithm to compute response.
      Reminder: Don't use opiekey from telnet or dial-in sessions.
      Enter secret pass phrase:
      488: COIN LO DOG GOLF ACTA FULL
      489: SOD STUN SINK DRAW LAWN TILT
      490: MALT STAY MASH CAR DEBT WAST
      491: HOWE DRY WALL TOO BUDD SWIM
      492: ROOT SPY BOND JEST HAIL SCAR
      493: MEAN ADD NEON CAIN LION LAUD
      494: LYLE HOLD HIGH HOME ITEM MEL
      495: WICK BALI MAY EGO INK TOOK
      496: RENT ARM WARN ARC LICE DOME
      497: LEAD JAG MUCH MADE NONE WRIT
      And logging in:
      login: dlavigne6
      otp-md5 498 dh0391 ext
      Password: (here I pressed enter)
      otp-md5 498 dh0391 ext
      Password [echo on]: mask balm col her rift term
      The beauty of this is that you can turn it on and safely login as root using a telnet session as replay attacks won't work since the password has already been used. Of course, "safely" here only applies to password reuse as a telnet session doesn't prevent other problems, such as man-in-the-middle attacks. Because this uses a standard algorithm, you can even generate new login passwords as needed from a PDA -- it doesn't have to be generated directly on the host system. So if you're SSHing to your server to fix a problem and you're in some internet cafe, you don't need to worry about keystroke loggers picking up the password. Type it in via plaintext as it'll never get reused.
      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
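Added example, written for this page and not taken from the poster above or from the OPIE sources: the hash-chain mechanism behind the opiekey transcript, in Python. Each one-time password is the previous one hashed once more, so the server only ever stores the last password it accepted and checks that one hash step of the candidate reproduces it. The pass phrase "correct horse battery" is an assumed value; the six-word encoding and the exact bit layout of real opiekey output are not reproduced, only the chain.

```python
import hashlib


def fold_md5(data: bytes) -> bytes:
    """One hash step of an S/KEY-style chain: MD5, then fold the 16-byte
    digest to 8 bytes by XORing its two halves (the "otp-md5" step)."""
    digest = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(digest[:8], digest[8:]))


def otp(seed: str, passphrase: str, n: int) -> bytes:
    """The n-th one-time password: seed and pass phrase are hashed once
    (initial step), then the result is hashed n more times."""
    value = fold_md5((seed.lower() + passphrase).encode())
    for _ in range(n):
        value = fold_md5(value)
    return value


def otp_batch(seed: str, passphrase: str, first: int, count: int) -> dict:
    """Like `opiekey -n count first seed`: passwords for sequence numbers
    first-count+1 .. first, computed in one pass from the lowest number up."""
    low = first - count + 1
    value = otp(seed, passphrase, low)
    out = {low: value}
    for n in range(low + 1, first + 1):
        value = fold_md5(value)
        out[n] = value
    return out


class OtpServer:
    """Server side: stores only the last accepted password and its sequence
    number. The pass phrase never leaves the client."""

    def __init__(self, seed: str, passphrase: str, start: int):
        # Enrolment (opiepasswd -c, done on the console): the server records
        # password number `start`; the first login is asked for start-1.
        self.seed = seed
        self.seq = start
        self.last = otp(seed, passphrase, start)

    def challenge(self) -> str:
        return f"otp-md5 {self.seq - 1} {self.seed}"

    def verify(self, response: bytes) -> bool:
        # Hashing the candidate once must give the stored password. A captured
        # password cannot be replayed: it no longer hashes to what is stored,
        # and the next one in the chain is a preimage the attacker cannot compute.
        if fold_md5(response) == self.last:
            self.last = response
            self.seq -= 1
            return True
        return False


def demo() -> list:
    """Enrol at 499 like the transcript, then log in, replay, log in again."""
    seed, passphrase = "dh0391", "correct horse battery"  # assumed values
    server = OtpServer(seed, passphrase, 499)
    p498 = otp(seed, passphrase, 498)
    return [
        server.verify(p498),                      # True: first login with 498
        server.verify(p498),                      # False: replay of a used password
        server.verify(otp(seed, passphrase, 497)) # True: next password in the chain
    ]
```

The sequence number only ever counts down; when it approaches zero the user has to re-run enrolment from a trusted console, which is the real OPIE workflow as well. Note what the chain does not protect: a live man-in-the-middle can still use the password the moment it is typed, as the poster says, because nothing binds it to the session.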
  6. Recent trend in Portugal... sort of by r_cerq · · Score: 5, Informative

    A few months ago, most (AFAIK, all) portuguese banks updated their online banking auth systems.

    There's no standard, and they seem to be having some difficulty balancing user-friendliness with security.

    The current "hip" thing is to require a login/password pair, followed by things like:

    - Enter the sixth and second numbers of your ID card/passport (random positions)
    - Enter your numeric PIN using the randomly placed JavaScript keypad
    - Use the code-matrix card (provided by the bank) and enter the value in square 4C
    - Confirm every money-moving operation with digits in random positions from a fixed (long) code given to you by the bank. Said code is regenerated every month. ... and so on.
    I don't think there's any bank here using plain login/password auth. There were attempts to use personal X.509 certs, but most users had trouble installing them or using them.

  7. Re:What security by silentbozo · · Score: 2, Informative

    Many banks now have bill pay services, and some of the more poorly constructed ones (I won't mention names because I have an account with one of em :P), actually display your social security number when you log into the bill pay section. Most banks aren't that stupid, but you still run the risk of someone "paying" a bill that you didn't authorize, or cleaning out your bank account by transferring funds into your credit card, and then spending that dry.

    Keep in mind folks, that in the US, electronic funds transfers just require your account number, and bank routing number. Someone armed with those two numbers, and a cooperative banking service, can drain your accounts dry, just as if someone got a hold of a blank check and forged your signature. In either case, you're in trouble unless someone at your bank puts up a red flag and stops it.

  8. Re:Much better in Saudi Arabia by kneecarrot · · Score: 2, Informative

    There is also a user-chosen password that must conform to certain length and content rules.

    --

    I always save my last mod point to mod up a good troll. You people are too serious.

  9. one time pads vs. one time passwords by David+Jao · · Score: 3, Informative
    The title of this article is inaccurate. A "one-time password" is not the same thing as a "one-time pad".

    A "one-time password" means a password that is used once and discarded. This password is typically used only for authentication purposes. By contrast, a "one-time pad" is used for encryption purposes.

    One-time pads are almost never useful for typical internet situations because they are very easy to misuse and very insecure when misused. They also don't solve any problem worth solving -- conventional encryption is already strong enough that the added security of a one-time pad has no value in typical internet situations.

    One-time passwords, on the other hand, do potentially have some value, because the currently available password authentication systems are quite weak compared to the strength of the corresponding encryption systems.

  10. Swedish bank. by Anonymous Coward · · Score: 1, Informative

    I've had Internet access to my bank for quite a few years now. I've got a small device that looks like a calculator, when I start it I have to type a 4 digit PIN. To access my bank I go to their website where I get an 8 digit number which I type into my device, it gives an 8 digit number back which I type into the login box in my browser.

    If all went well then I'm logged in. It's a smooth operation and it works well for all computers with a browser (I use Galeon). Since the device is small I can take it with me when I go out of town.

  11. Re:One time credit card #s - by davebarnes · · Score: 3, Informative

    Not anymore.
    AMEX dropped this service last month.

    --
    Dave Barnes 9 breweries within walking distance of my house
  12. Re:Much better in Saudi Arabia by Cthefuture · · Score: 5, Informative

    I work in the security field (mostly smartcards and biometrics) and I can tell you that if that's all they have then their security sucks.

    Biometrics are highly inaccurate/insecure. We break them all the time. I myself would never use anything important that was secured with only a biometric. Even a 4 digit limited error PIN would be more secure.

    --
    The ratio of people to cake is too big
  13. Re:It's cliche, but... by Spellbinder · · Score: 2, Informative

    same bank
    swiss vs us ebanking
    UBS Swiss Ebanking
    UBS US Ebanking
    how ebanking works for me sorry but everyone who doesn't understand this should not be allowed to have ebanking .. not even a bank account
    i don't know why you americans let yourself be fisted by corporations like this!!!
    maybe you are all masochists :p

    --


    stop supporting microsoft with pirating their software!!!!!
  14. Same in the Netherlands by MagicM · · Score: 2, Informative

    Ever since a popular Dutch bank started allowing electronic access (initially through dial-up using a modem) some years ago, they have required a user-code, and two passcodes (one picked by the bank, one by the user) to log in.

    Additionally, if you want to transfer any money, you have to input a number from a list they send you through the mail. This list is printed while it's in the envelope (like some US banks do for overdraft statements and such) so no people other than the recipient ever see it. When you get close to using the last number, they send you a new list automatically.

    Since they moved the whole system to the Internet, things are pretty much the same. You can log in and check your balance wherever you are, but you can only transfer money if you have your transfer-code-list with you. To me, this feels like the perfect system; in-your-way security restrictions only on the stuff that really matters.

  15. Re:Bank of America by emf · · Score: 3, Informative


    Your login/password is sent to an "https" address. It is being sent encrypted. Look at the source and see for yourself.

    You can't really go by what you see in the URL because that is the address you're looking at, not the address that the form data is posted to.

    Most browsers will warn you when you try to send something that's not secure. Most likely you've disabled that warning, as almost everyone does. If you turn it back on, you will notice that the browser won't warn you when you try to login because it is encrypted.

  16. One time pad != one time password by j-turkey · · Score: 3, Informative

    I hate to be a pain in the ass about semantics, but the article headline is a bit misleading. It states One-Time Pads To Protect Electronic Bank Access. The article is about one-time passwords. I'm no crypto expert, but I've done my fair share of reading. A one-time pad is the closest thing available to perfect, unbreakable encryption. The idea is that two pads are generated of completely randomly generated characters, one is used to encrypt the characters (via modulo divide/add/xor, whatever) and immediately destroyed. The other is used to decrypt the message. As long as the pads contain truly random numbers, and they are never reused or recovered, the encryption will never be broken (because the ciphertext is a completely random string of characters).

    A one-time password, while usually a pretty good key, is just not the same -- especially if we're talking a 64-bit key with a known encryption scheme. It can be very good, but never even close to the former.

    Anyway, like I said earlier I'm not a cryptographer, but an enthusiast (at one time)...but I found that the header in the article was misleading.

    --

    -Turkey

  17. Re:Much better in Saudi Arabia by Llywelyn · · Score: 2, Informative

    It is secured with a *card* and a biometric.

    Something you have, something you know, something you are. Two out of three is considered good security.

    Biometrics is something that you *are*. There are implementation issues, sure, but people are far too hard on it as a method of authentication.

    --
    Integrate Keynote and LaTeX
  18. Swedish banks by MC68040 · · Score: 2, Informative

    Actually,

    If you use the Swedish bank "Sparbanken" (one of the largest) you get your own RSA half-credit-card-sized code generator. You enter your social security id (birthdate with 4 unique digits attached) to the bank to give the basic identification and the bank gives back a 9 digit code you enter into your RSA code generator (after entering a 4 digit access PIN code) and then get another 9 digit code that you enter into the browser to the bank.

    It might sound like a lot of work, but it really goes in less than 30 seconds in most cases. Plus, you do the same procedure (get code, enter code in RSA device, enter in browser to bank) every time you want to pay a bill. Although you can stack up 20-30 payments or more and sign them just once, so it's not a procedure that really bothers anyone.

    And of course all the communication is over https/ssl and all.

    Just to give some more details on how it works :)

  19. Re:Much better in Saudi Arabia by finkployd · · Score: 2, Informative

    Most biometric systems I have come in contact with also have EKG scanners so it has to be a living finger (and not, say a gummy bear with a fingerprint on it).

    Also, let's face facts here, all a mugger who has your card today has to do to get your PIN is threaten to cut your finger off.

    Finkployd

  20. There is better security out there. by JustAnotherReader · · Score: 4, Informative
    Are there banks which are better than the ones mentioned above?

    Yep, I'm a programmer for one of them.

    First of all, your login to our on-line banking system is a randomly generated unique 8 digit number. It's on your ATM card and it's your user ID number for the bank. You also have to remember your 6 digit PIN. But what if you forget your PIN? Well we can't give it to you. Why, because we use one half of a public private key encryption to save only the encrypted version of your PIN. And just to be safe we throw away the private key so even WE can't see what your PIN is. If we ever get hacked (and people try but they've never gotten through. And yes, we've caught them and put them in jail) in any case, if we ever do get hacked they can only see the encrypted version of your PIN and the private key to decrypt them is nowhere to be found.

    So you forget your PIN. How do you get a new one? You call us and verify who you are via at least 2 or 3 different ways (I won't tell you how). Then we mail you (yes, snail mail) a new temp PIN to the address your checking account goes to. You can log in ONCE with that temp pin and you are required to change your password after the first login. By the way, if you log in 3 times incorrectly then we lock your account and notify people in the bank that this may be a hack attempt. Good thing we also log the IP address each of those login attempts were coming from.

    By the way, when you first signed up you gave us a secret question like "When dad bought that farm in Kentucky he also bought some cattle. What was the name of the first cow that he bought?" You wrote the question yourself which makes it even harder for a hacker to guess what that question is. And when you applied for on-line access you gave us the answer "Matilda". That answer is also encrypted with a one way public-but-no-private-key on our servers. So when you log in with your temp password we're going to ask you the question that only you know the answer to.

    I haven't even gotten to physical security. Believe me, don't even try to physically get to our servers, or even to the printers that print your statements. That is, if you could even find the buildings (there are no signs on the building that say who we are). Add to that triple redundant servers and databases that are located in physically different locations over 200 miles apart so even a terrorist attack on one city won't destroy your bank records. AND those records are backed up and stored in yet another physical location.

    And I could talk about all the auditing that the SEC does on us to make sure that our systems are secure, our data is redundantly backed up, failover systems work and so on.

    So yes, most banks have far more security than you can imagine. You may feel safe again.

  21. Cellphones and banking by jedrek · · Score: 5, Informative

    Two areas where the USA is just out in left field, cellular services and banking. The first one has stopped surprising me, the second one blew me away. I consider my country (Poland) to be backwards, especially when it comes to commercial services - like banking. It's not.

    Not only does my bank use one time passwords, the card they're on is a scratch-off card. This gives me 2 additional levels of protection. Not only does it prevent someone from peeking at my card, but it lets me verify that I made each transaction. I don't need to keep track of the last number I used, it keeps track for me. And I don't need the card unless I'm actually moving money around - all I need is my login and password.

    The web interface on my bank is incredible - I can check on all transactions since I opened the account. I can set up sub-accts on the fly, issue debit cards to each of them, and my debit card works great online - so I can keep track of those internet purchases. Between-bank money transfers take a max of 1 day, usually same-day if I make it before 17.30, transfers within my bank are instantaneous - really handy for lending my brother some money *fast*.

    And the icing on the cake, the thing that made me go to this bank - instant text-message updates on my current account. I get a transfer - I get an SMS, I buy something - I get an SMS. It's incredibly fast (I usually get the SMS before they hand me the receipt to sign) and incredibly useful. I know how much money I have, how much money I spent that day. It really helps to stem the spending sprees that plastic seems to lend itself to.

    And all this, from my local, Polish bank.

  22. here is how to do it by Anonymous Coward · · Score: 1, Informative

    Basically, the bank sends you a little black box.
    Then, when you log in, the bank gives you a randomly generated 1-time number.
    Said number is entered into the little black box and combined by said box (using a 1-way hash) with a secret number that is never sent over the wire.
    Then, after that, you send the resulting hash back to the bank which compares it with its own hash of +
    The advantage is that its not possible to capture any useable information by listening on the wire, you would need the (nondescript, easy to hide) little black box to be able to login. Plus the username and password for the banking site.

    The other advantage is that it helps prevent bank scams because the scam site can't get hold of your secret number and therefore can't use anything they steal to log into the bank.
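Added example, editor's code rather than anything a poster or a bank published: the challenge/response exchange described in the comment above (and by the Swedish, Dutch and Swiss posters earlier) with both sides written out in Python. The keyed hash, the 8-digit truncation, the 20-byte device secret and the account number are all assumptions made for the illustration; real devices use their vendor's own algorithm.

```python
import hashlib
import hmac
import secrets


class LoginDevice:
    """The "little black box": holds a per-customer secret that never leaves
    the device. The user types the bank's challenge in and reads a code out."""

    def __init__(self, secret: bytes):
        self._secret = secret

    def respond(self, challenge: str) -> str:
        # Keyed hash of the challenge, truncated to 8 digits like the
        # calculator-style devices in the thread (assumed format).
        mac = hmac.new(self._secret, challenge.encode(), hashlib.sha256).digest()
        return f"{int.from_bytes(mac[:4], 'big') % 10**8:08d}"


class Bank:
    """Server side: knows each customer's device secret and issues a fresh,
    single-use challenge for every login attempt."""

    def __init__(self):
        self._secrets: dict = {}   # account -> device secret
        self._pending: dict = {}   # account -> outstanding challenge

    def enrol(self, account: str) -> LoginDevice:
        secret = secrets.token_bytes(20)
        self._secrets[account] = secret
        return LoginDevice(secret)  # the box that gets mailed to the customer

    def challenge(self, account: str) -> str:
        c = f"{secrets.randbelow(10**8):08d}"
        self._pending[account] = c  # replaces any earlier, unanswered challenge
        return c

    def login(self, account: str, response: str) -> bool:
        # The challenge is consumed on first use, whether the answer is right or
        # not, so a captured response cannot be replayed against it later.
        c = self._pending.pop(account, None)
        if c is None or account not in self._secrets:
            return False
        expected = LoginDevice(self._secrets[account]).respond(c)
        return hmac.compare_digest(expected.encode(), response.encode())


def demo() -> list:
    """A login, a replay of the same response, the old response against a new
    challenge, then a proper second login."""
    bank = Bank()
    device = bank.enrol("12345678")  # assumed account number
    c1 = bank.challenge("12345678")
    r1 = device.respond(c1)
    results = [bank.login("12345678", r1)]      # True
    results.append(bank.login("12345678", r1))  # False: challenge already consumed
    bank.challenge("12345678")
    results.append(bank.login("12345678", r1))  # False: response belongs to c1
    results.append(bank.login("12345678", device.respond(bank.challenge("12345678"))))  # True
    return results
```

Two things a practitioner should check in a real deployment that the sketch makes visible: the challenge must be unpredictable and single-use (the `pop` in `login`), otherwise an eavesdropper who saw the pair once can answer when it recurs; and the scheme only proves possession of the box, so the username/password or the device PIN the posters mention is layered on top. It also does not stop a phishing site that relays a live challenge to the victim and the victim's answer back to the bank within the same minute; that attacker gets one session, which is why banks later moved to signing the transaction details rather than only the login.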

  23. It's just in the US. by jwr · · Score: 5, Informative

    It's just a US thing. Banks in the USA are for some reason stuck in the 80's.

    All the banks I use in Poland provide one-time passwords for anything important. There are no checks in use, but you can use electronic money transfers to pay for just about anything (this is being introduced as "BillPay" in the US and advertised as big news).

    I guess the US was first to develop a mature banking industry with credit cards and checks. This has worked so well (back in the 70's) that banks were not under pressure to innovate.

  24. Sloppy reporting. by Eivind · · Score: 3, Informative
    ..But then this is slashdot.

    A one-time-pad is in no way the same as a one-time-password. The only thing common between the two is that they're both used only once.

    A one-time-pad is a random string as long as the message you want to send, shared between sender and recipient. The sender encrypts the message by xoring with the one-time-pad and the recipient decrypts by xoring the ciphertext with his copy of the one-time-pad. The pads must then never be used again, and must be securely destroyed to prevent people who have a copy of the ciphertext from getting hold of them. Unconditionally secure, but often impractical due to the key-handling issues.

    A one-time-password, like those Banks here in Europe typically either issue to you on a sheet of 50, or in the form of a calculator-like device that generate them from the current time, a secret pin and a cryptographic hash serves a quite different purpose;

    The idea is that if you force people to have long, complicated passwords, then they either write them down, use the same password on multiple sites, or both.

    By using an additional one-time password, the bank makes sure that there's *two* things identifying the user logging in. One, the user knows the secret pin (which is typically simple 4-digit or so), and two, the user is in possession of the sheet-of-codes/calculator-thingie.

    Increases security quite a bit, because it's no longer a threat if someone for example hacks the users computer and installs a keylogger or similar device. Sure that attacker will then learn the pin, but the attacker will then *also* need to break into the house of the victim or otherwise acquire the list of one-time-passwords. So at the very least you've eliminated the large group of attackers which have no physical proximity to the victim.
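Added example, editor's code and not from any poster: the one-time pad that comments 5, 16 and 24 describe, in Python, together with the failure mode comment 5 warns about. Encryption and decryption are the same XOR; two messages under the same pad cancel it out and leave p1 XOR p2, which a "crib drag" turns into readable text. The two sample messages and the crib are constructed for the illustration.

```python
import secrets


def new_pad(length: int) -> bytes:
    """A pad must come from a real random source and be at least as long as
    the message it protects."""
    return secrets.token_bytes(length)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """Ciphertext = plaintext XOR pad. Either the ciphertext or the pad on its
    own is a uniformly random string and says nothing about the message."""
    if len(pad) < len(plaintext):
        raise ValueError("pad shorter than message: no longer a one-time pad")
    return xor_bytes(plaintext, pad)


# Decryption is the identical operation with the recipient's copy of the pad.
otp_decrypt = otp_encrypt


def pad_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Two messages under the same pad: c1 XOR c2 == p1 XOR p2. The pad
    cancels and the attacker holds a relation between the two plaintexts."""
    return xor_bytes(c1, c2)


def crib_drag(p1_xor_p2: bytes, crib: bytes) -> list:
    """Slide a guessed fragment of one message across p1 XOR p2. Wherever the
    guess is right, the other message's text at that offset falls out.
    Returns (offset, recovered bytes) for every offset yielding printable ASCII."""
    hits = []
    for i in range(len(p1_xor_p2) - len(crib) + 1):
        seg = xor_bytes(p1_xor_p2[i:i + len(crib)], crib)
        if all(32 <= b < 127 for b in seg):
            hits.append((i, seg))
    return hits


def demo() -> dict:
    """Correct use, then the two-time-pad mistake on constructed messages."""
    p1 = b"meet me at the bank at noon"   # constructed sample
    p2 = b"send the key by courier now"   # constructed sample, same length
    pad = new_pad(len(p1))
    c1 = otp_encrypt(p1, pad)
    c2 = otp_encrypt(p2, pad)          # the mistake: same pad twice
    leak = pad_reuse_leak(c1, c2)
    return {
        "roundtrip_ok": otp_decrypt(c1, pad) == p1,
        "pad_cancels": leak == xor_bytes(p1, p2),
        # guessing "the bank" sits at offset 11 of p1 reveals p2[11:19]
        "crib_hits": crib_drag(leak, b"the bank"),
    }
```

The crib drag is the whole of the attack on a reused pad: guess a word likely to be in one message, and every offset where the guess is right prints a fragment of the other. Nothing in the code can enforce the "one-time" part; that is a key-management discipline, which is the reason the posters above call the pad impractical for anything but very small volumes of traffic.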