Li, S., Sadeghi, A.-R., Heisrath, S., Schmitz, R., Ahmad, J.J.
hPIN/hTAN: A lightweight and low-cost e-banking solution against untrusted computers
In this paper, we propose hPIN/hTAN, a low-cost, hardware-token-based PIN/TAN system for protecting e-banking systems against the strong threat model in which the adversary has full control over the user’s computer. This threat model covers the various attacks that originate from untrusted terminal computers, such as keyloggers, screen scrapers, session hijackers, Trojan horses and transaction generators. The core of hPIN/hTAN is a secure and easy user-computer-token interface. Security is guaranteed by this interface together with two underlying security protocols for user/server/transaction authentication. The hPIN/hTAN system is designed as an open framework, so the underlying authentication protocols can be easily reconfigured. To minimize cost and maximize usability, we chose two security protocols that depend only on simple cryptography (a cryptographic hash function). In contrast to other hardware-based solutions, hPIN/hTAN requires neither a second trusted channel, nor a secure keypad, nor an external trusted center. Our prototype implementation involves no cryptography beyond a cryptographic hash function. The minimalistic design can also increase security, because more complicated systems tend to have more security holes. As an important feature, hPIN/hTAN exploits the human user’s active involvement in the whole process to compensate for security weaknesses caused by careless human behavior.
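As an added illustration (not code from the paper, and not the hPIN/hTAN protocol itself), the Python below shows the core idea behind a hash-only transaction-authentication protocol of the kind the abstract describes: the token derives a short TAN from a shared secret, a per-token counter and the transaction details the user confirmed on the token, and the server recomputes it over the transaction it actually received. A transaction generator on the untrusted computer that swaps the payee or amount in flight therefore invalidates the TAN. The HMAC-SHA256 construction, the field names, the 6-digit TAN length, the counter and the sample transaction are all assumptions made for this example; the token's own display and confirmation step, which the scheme relies on, is assumed rather than simulated.

```python
"""
Illustrative transaction-bound TAN built from a hash function only.
Constructed for this page; not the hPIN/hTAN protocol. The HMAC construction,
field names, TAN length, counter and sample data are assumptions.
"""
import hashlib
import hmac

TAN_DIGITS = 6  # assumed TAN length for the example


def canonical(tx: dict) -> bytes:
    """Unambiguously serialize the transaction fields the TAN must cover.

    Fields are taken in a fixed order and each value is length-prefixed, so
    shifting a digit from one field to another changes the encoding instead
    of colliding with an honest transaction.
    """
    out = b""
    for field in ("account", "amount", "reference"):  # assumed field set
        value = str(tx[field]).encode("utf-8")
        out += len(value).to_bytes(2, "big") + value
    return out


def compute_tan(secret: bytes, tx: dict, counter: int) -> str:
    """Token side: derive a TAN from the shared secret, transaction and counter.

    The counter makes each TAN single-use; the transaction bytes bind the TAN
    to exactly the details the user confirmed on the token's own display.
    """
    msg = counter.to_bytes(4, "big") + canonical(tx)
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    # Truncate to a short decimal code the user can type, as PIN/TAN schemes do.
    code = int.from_bytes(digest[:4], "big") % (10 ** TAN_DIGITS)
    return f"{code:0{TAN_DIGITS}d}"


def verify_tan(secret: bytes, tx: dict, counter: int, tan: str) -> bool:
    """Server side: recompute the TAN over the transaction it actually received."""
    expected = compute_tan(secret, tx, counter)
    # Constant-time comparison so timing does not leak how many digits matched.
    return hmac.compare_digest(expected, tan)


def transaction_generator_defeated(secret: bytes) -> bool:
    """Scenario: malware on the untrusted PC rewrites the transaction in flight.

    The token computed the TAN over the transaction the user confirmed on it,
    so the server's recomputation over the altered transaction fails. Returns
    True when the honest transaction verifies and the altered one is rejected.
    """
    confirmed = {  # constructed sample transaction
        "account": "DE00TEST0000000001",
        "amount": "100.00",
        "reference": "rent",
    }
    tan = compute_tan(secret, confirmed, counter=7)

    # constructed: the payee account swapped by malware after user confirmation
    altered = dict(confirmed, account="DE00TEST0000000099")
    return verify_tan(secret, confirmed, 7, tan) and not verify_tan(secret, altered, 7, tan)


if __name__ == "__main__":
    # constructed demo secret; in practice a per-token secret provisioned by the bank
    demo_secret = b"constructed-32-byte-token-secret!"
    print("transaction-bound TAN rejects altered transaction:",
          transaction_generator_defeated(demo_secret))
```

The point the example makes is that the TAN is worthless to an attacker who changes any covered field: because the hash input includes the payee, amount and reference the user saw on the token, the server-side recomputation only succeeds for the transaction the user actually approved. The secret never leaves the token, so a keylogger or screen scraper on the computer observes only a single-use code.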