Transaction authentication number: Difference between revisions

pushTAN is an [[Mobile application software|app]]-based TAN scheme by German Sparkassen banking group reducing some of the shortcomings of the [[#Mobile TAN (mTAN)|mTAN]] scheme. It eliminates the cost of SMS messages and is not susceptible to SIM card fraud, since the messages are sent via a special text-messaging application to the user's smartphone using an encrypted Internet connection. Just like mTAN, the scheme allows the user to cross-check the transaction details against hidden manipulations carried out by [[Trojan horse (computing)|Trojans]] on the user's PC by including the actual transaction details the bank received in the pushTAN message. Although analogous to using mTAN with a smartphone, there is the risk of a parallel malware infection of PC and smartphone. To reduce this risk the pushTAN app ceases to function if the mobile device is [[Rooting (Android OS)|rooted]] or [[IOS jailbreaking|jailbroken]].<ref>[https://www.berliner-sparkasse.de/privatkunden/banking/pushtan/faq/index.php?n=%2Fprivatkunden%2Fbanking%2Fpushtan%2Ffaq%2F#info_41 ''Online-Banking mit pushTAN - FAQ''] berliner-sparkasse.de, Berliner Sparkasse (AöR), Retrieved on August 27, 2014.</ref> In late 2014 the Deutsche Kreditbank (DKB) also adopted the pushTAN scheme.<ref>[https://www.dkb.de/info/tan-verfahren/pushTAN/ ''Informationen zu pushTAN''] dkb.de, Deutsche Kreditbank AG, Retrieved on March 12, 2015.</ref>