Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
AVLab Feb 2019 - Online Banking Protection Test (Windows 10)
Message
<blockquote data-quote="Freki123" data-source="post: 805904" data-attributes="member: 11229"><p><s>Haven't tried Spyshelter in some time but in the older versions there was a button to disable the firewall. </s>(Backup pc before any experiment)</p><p>On second thought what would be the difference in the test when used the spyshelter version without the firewall? (Can't answer that sorry)</p><p></p><p>I just wanted to write why not just use a optical chip tan generator, when wikipedia told me only two countries use it <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite116" alt=":D" title="Big grin :D" loading="lazy" data-shortname=":D" /></p><p></p><p>A ChipTAN generator is not tied to a particular account; instead, the user must insert their <a href="https://en.wikipedia.org/wiki/Bank_card" target="_blank">bank card</a> during use. The TAN generated is specific to the bank card as well as to the current transaction details. There are two variants: In the older variant, the transaction details (at least amount and account number) must be entered manually. In the modern variant, the user enters the transaction online, then the TAN generator reads the transaction details via a flickering <a href="https://en.wikipedia.org/wiki/Barcode" target="_blank">barcode</a> on the computer screen (using <a href="https://en.wikipedia.org/wiki/Photodetector" target="_blank">photodetectors</a>). It then shows the transaction details on its own screen to the user for confirmation before generating the TAN.</p><p>As it is independent hardware, coupled only by a simple communication channel, the TAN generator is not susceptible to attack from the user's computer. Even if the computer is subverted by a <a href="https://en.wikipedia.org/wiki/Trojan_horse_(computing)" target="_blank">Trojan</a>, or if a <a href="https://en.wikipedia.org/wiki/Man-in-the-middle_attack" target="_blank">man-in-the-middle attack</a> occurs, the TAN generated is only valid for the transaction confirmed by the user on the screen of the TAN generator, therefore modifying a transaction retroactively would cause the TAN to be invalid.</p></blockquote><p></p>
[QUOTE="Freki123, post: 805904, member: 11229"] [S]Haven't tried Spyshelter in some time but in the older versions there was a button to disable the firewall. [/S](Backup pc before any experiment) On second thought what would be the difference in the test when used the spyshelter version without the firewall? (Can't answer that sorry) I just wanted to write why not just use a optical chip tan generator, when wikipedia told me only two countries use it :D A ChipTAN generator is not tied to a particular account; instead, the user must insert their [URL='https://en.wikipedia.org/wiki/Bank_card']bank card[/URL] during use. The TAN generated is specific to the bank card as well as to the current transaction details. There are two variants: In the older variant, the transaction details (at least amount and account number) must be entered manually. In the modern variant, the user enters the transaction online, then the TAN generator reads the transaction details via a flickering [URL='https://en.wikipedia.org/wiki/Barcode']barcode[/URL] on the computer screen (using [URL='https://en.wikipedia.org/wiki/Photodetector']photodetectors[/URL]). It then shows the transaction details on its own screen to the user for confirmation before generating the TAN. As it is independent hardware, coupled only by a simple communication channel, the TAN generator is not susceptible to attack from the user's computer. Even if the computer is subverted by a [URL='https://en.wikipedia.org/wiki/Trojan_horse_(computing)']Trojan[/URL], or if a [URL='https://en.wikipedia.org/wiki/Man-in-the-middle_attack']man-in-the-middle attack[/URL] occurs, the TAN generated is only valid for the transaction confirmed by the user on the screen of the TAN generator, therefore modifying a transaction retroactively would cause the TAN to be invalid. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
