Wikipedia

Chip Authentication Program: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Fix missing citations; update URL linking to citation and improve citation format
Bender the Bot (talk | contribs)
Bots
1,064,377 edits
m Vulnerabilities: HTTP → HTTPS for Radboud University computer science department, replaced: http://www.cs.ru.nl/ → https://www.cs.ru.nl/
Line 41:
==Vulnerabilities==
 
[[University of Cambridge]] researchers Saar Drimer, [[Steven Murdoch]], and [[Ross J. Anderson|Ross Anderson]] conducted research<ref name="cambridge">{{cite conference |url=https://murdoch.is/papers/fc09optimised.pdf |title=Optimised to Fail: Card Readers for Online Banking |last1=Drimer |first1=Saar |last2=Murdoch |first2=Steven J. |last3=Anderson |first3=Ross |author-link2=Steven Murdoch |authorlink3=Ross J. Anderson |year=2009 |publisher=Springer |series=LNCS |volume=5628 |pages=184-200 |conference=Financial Cryptography and Data Security |doi=10.1007/978-3-642-03549-4_11}}</ref> into the implementation of CAP, outlining a number of vulnerabilities in the protocol and the UK variant of both readers and cards. Numerous weaknesses were found. [[Radboud University]] researchers found a vulnerability in the Dutch [[ABN AMRO]] e.dentifier2, allowing an attacker to command a [[USB]] connected reader to sign malicious transactions without user approval.<ref name="radboud">[httphttps://www.cs.ru.nl/~rverdult/Designed_to_Fail_A_USB-Connected_Reader_for_Online_Banking-NORDSEC_2012.pdf Designed to Fail: A USB-Connected Reader for Online Banking]</ref>
 
==Users==
Retrieved from "https://en.wikipedia.org/wiki/Chip_Authentication_Program"