8/7/2019 Nexus PortWise - Internet Banking Frauds - Evolution and Solutions - SiliconIndia Security Conference 2011, Mumbai
WHAT KEEPS USERS AWAY?
[Bar chart, survey years 2005 to 2008, share of respondents (axis 0% to 60%) giving each reason for not banking online: "I fear that my account information will be viewed by an unauthorized party"; "I prefer dealing with" (label cut off in the source); "I do not want to pay a fee"; "I do not find online banking valuable". Fear of unauthorized access is the largest bar in every year.]
Source: Javelin Strategy and Research, August 2008
Identity Fraud Evolution and Solutions
SiliconIndia Security Conference 2011, Mumbai
Agenda
  Attack vectors
    Phishing
    Man-in-the-middle (MITM) attacks
    Malware
  Solutions
    One-time passwords
    Transaction signatures
    Endpoint assessment
  Summary
Phishing
Pharming
[Diagram: the user's browser asks the DNS server (local or ISP) for http://www.nicebank.com. An attacker who has tampered with that DNS server's answers returns the address of a fake website, www.n1cebank.com, so the user lands on the attacker's copy instead of the genuine bank website. Unlike phishing, the user typed the correct address.]
Smishing (phishing delivered by SMS text message)
Vishing (phishing delivered by voice call)
Two-factor authentication: something the user has
Strengths
  Compromised user credentials are less valuable to the attacker
  Breaks down the traditional economic model of phishing attacks
Types of one-time passwords
  Counter-based one-time passwords
  Time-based one-time passwords
  Challenge-based one-time passwords
  Mutual-authentication one-time passwords
  Out-of-band one-time passwords
OATH (Open Authentication)
  A group of technology and industry leaders, 60+ members
  Open and royalty-free specifications
  Promote interoperability
Benefits
  Standardization drives down cost
  Prevents vendor lock-in
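The two OATH algorithms behind the counter-based and time-based OTP types listed above are HOTP (RFC 4226) and TOTP (RFC 6238). The following Python is an added example written for this page, not code from the presentation or from Nexus/PortWise; it implements both from the RFC text and adds the server-side checks the slides do not show (a look-ahead window for counter resynchronisation, clock-skew tolerance, and refusing to accept a code twice). The secret is the published RFC test vector key, embedded here as constructed input.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6, digestmod=hashlib.sha1) -> str:
    """RFC 4226 HOTP (OATH counter-based OTP).

    HMAC over the 8-byte big-endian counter, then "dynamic truncation":
    the low nibble of the last MAC byte selects a 4-byte window, whose
    top bit is masked off before reducing modulo 10**digits.
    """
    mac = hmac.new(secret, struct.pack(">Q", counter), digestmod).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6,
         digestmod=hashlib.sha1) -> str:
    """RFC 6238 TOTP (OATH time-based OTP): HOTP with counter = floor(time / step)."""
    return hotp(secret, int(unix_time) // step, digits, digestmod)


def verify_hotp(secret: bytes, candidate: str, server_counter: int,
                look_ahead: int = 5):
    """Server-side HOTP check with a resynchronisation window.

    The token may be a few counts ahead of the server (codes generated but
    never submitted), so counters server_counter .. server_counter+look_ahead
    are tried. On success the new server counter (one past the matched value)
    is returned so the same code can never be accepted again; None on failure.
    """
    for c in range(server_counter, server_counter + look_ahead + 1):
        if hmac.compare_digest(hotp(secret, c), candidate):
            return c + 1
    return None


def verify_totp(secret: bytes, candidate: str, unix_time: int, step: int = 30,
                skew_steps: int = 1) -> bool:
    """Server-side TOTP check tolerating +/- skew_steps of clock drift."""
    return any(
        hmac.compare_digest(totp(secret, unix_time + k * step, step), candidate)
        for k in range(-skew_steps, skew_steps + 1)
    )


# Test secret from RFC 4226 Appendix D / RFC 6238 Appendix B (constructed
# input published in the RFCs; a real token gets a unique per-device seed).
RFC_SECRET = b"12345678901234567890"

if __name__ == "__main__":
    for c in range(3):
        print(f"HOTP counter {c}: {hotp(RFC_SECRET, c)}")
    print("TOTP at t=59, 8 digits:", totp(RFC_SECRET, 59, digits=8))
    print("resync from counter 0 with code for counter 2:",
          verify_hotp(RFC_SECRET, hotp(RFC_SECRET, 2), 0))
```

Note that the 6-digit TOTP at t=59 equals HOTP for counter 1, which is exactly what RFC 6238 describes: TOTP is HOTP fed with a time-derived counter. The look-ahead window is what makes a counter-based token usable after the user has "burned" a few codes, and it is also why the server must move its counter forward on every success rather than just comparing.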
MITM / MITB attacks
Man-in-the-middle attack
[Diagram: end-user John -> browser -> attacker-controlled web server -> net-banking server. The attacker's server relays each step in order: 1. John, pswd; 2. OTP; 3. $500 to Bob. Because it sits in the path, it can reuse the freshly entered OTP for a transaction of its own.]
Man-in-the-browser attack
[Diagram: a banking trojan on the end-user's computer sits inside John's browser. John sees and approves "1. John, pswd; 2. OTP; 3. $500 to Bob", but the trojan rewrites the third step so the net-banking server receives "3. $5000 to Bill". The OTP is still accepted because it proves only that John is present, not which transaction he approved.]
Transaction Signing with Soft Tokens
Signature = cryptographic Message Authentication Code (MAC) computed by the token over the transaction details
Transaction signature, step by step (left: internet banking site; right: what is entered on the software token)
  Enter account no                    token: 0243758
  Enter amount                        token: 0243758, 500.00
  Generate signature                  token: 0243758, 500.00 -> afcbff100
  Seal transaction with signature     sent to the bank: 0243758, 500.00, afcbff100
  The sealed transaction and its signature are stored in the audit log for verification
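To show why the signature defeats the man-in-the-browser attack from the previous slide, here is an added Python example (written for this page, not the presentation's or any vendor's code). It models the soft token and the bank as two functions sharing a constructed seed, runs the "$500 to Bob" transaction once through a clean browser and once through a browser with a trojan that rewrites the fields to "$5000", and checks the outcome under an OTP-only scheme and under transaction signing. HMAC-SHA256 truncated to nine hex digits is this example's choice of MAC, picked to resemble the afcbff100 on the slide; the account numbers and seed are constructed.

```python
import hashlib
import hmac

# Constructed token seed shared between John's soft token and the bank's
# authentication server (illustrative; a real deployment provisions a unique
# per-user seed and keeps the bank-side copy in an HSM).
TOKEN_SECRET = b"constructed-seed-for-john-0243758"


def canonical(account: str, amount: str) -> bytes:
    """Fixed encoding of the fields the user types into the token. Token and
    bank must serialise identically or the MAC will never match."""
    return f"account={account}&amount={amount}".encode()


def sign_transaction(secret: bytes, account: str, amount: str, hex_digits: int = 9) -> str:
    """Soft-token side: MAC over the transaction details, truncated to a code
    short enough to type by hand."""
    mac = hmac.new(secret, canonical(account, amount), hashlib.sha256).hexdigest()
    return mac[:hex_digits]


def bank_verify(secret: bytes, submission: dict) -> bool:
    """Bank side: recompute the MAC over the fields actually received and
    compare in constant time. Any change to account or amount in transit
    invalidates the signature."""
    expected = sign_transaction(secret, submission["account"], submission["amount"])
    return hmac.compare_digest(expected, submission["signature"])


def otp_only_verify(submission: dict, expected_otp: str) -> bool:
    """The weaker design the MITB slide defeats: the OTP proves the user is
    present but says nothing about which transaction is being approved."""
    return hmac.compare_digest(submission["otp"], expected_otp)


def browser_submit(trojan_active: bool, account: str, amount: str,
                   otp: str, signature: str) -> dict:
    """What leaves John's computer. A man-in-the-browser trojan rewrites the
    form after John approved it, but it holds no token secret, so it can only
    forward the signature John generated for the original values."""
    if trojan_active:
        account, amount = "0999999", "5000.00"   # "$5000 to Bill" (constructed)
    return {"account": account, "amount": amount, "otp": otp, "signature": signature}


def run_scenario(trojan_active: bool) -> dict:
    otp = "123456"  # constructed: the session OTP John read off his token
    signature = sign_transaction(TOKEN_SECRET, "0243758", "500.00")
    submission = browser_submit(trojan_active, "0243758", "500.00", otp, signature)
    return {
        "amount_received": submission["amount"],
        "otp_only_accepts": otp_only_verify(submission, otp),
        "signature_accepts": bank_verify(TOKEN_SECRET, submission),
    }


if __name__ == "__main__":
    print("clean browser: ", run_scenario(False))
    print("banking trojan:", run_scenario(True))
```

The OTP-only bank pays $5000 to the attacker's account; the signing bank rejects it because the MAC was computed over the values John actually typed into the token, which the trojan cannot alter or recompute. One caveat the slide does not cover: as written, an identical transaction (same account, same amount) would carry the same signature, so a captured one could be replayed. Production schemes fold a bank-issued challenge or a token counter into the signed data for that reason.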
Risk levels (NIST SP 800-63-1)
[Chart relating the risk level of a transaction (Minimal, Low, Medium, High) to the authentication technology appropriate for it: KBA (knowledge-based authentication), OTP, PKI, OOB (out-of-band).]
Security Industry in 2001
Security Industry in 2011
Trojans / Malware
Endpoint Assessment
Endpoint security assessment and session clean-up
  POLICY: personal firewall, anti-virus, spyware protection, patches
  SCAN: inventory the device using file scan, process scan, registry scan, OS scan
  COMPARE: compare the device scan with the access policy
  Outcome: Allow / Partial Pass / Decline
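The POLICY / SCAN / COMPARE flow above reduces to a rule evaluation with three outcomes. The Python below is an added example for this page (not the presentation's or any product's code) that shows one reasonable way to implement the COMPARE step: mandatory rules whose failure declines the session, optional rules whose failure only restricts it ("Partial Pass"), and the failure-closed handling of a device that cannot report its state. The policy thresholds and all scan results are constructed.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

Scan = Dict[str, object]


@dataclass(frozen=True)
class Rule:
    name: str
    passes: Callable[[Scan], bool]
    mandatory: bool   # failed mandatory rule -> Decline; failed optional rule -> Partial Pass


# Constructed access policy mirroring the POLICY box on the slide.
POLICY: List[Rule] = [
    Rule("personal firewall enabled",
         lambda s: s["firewall_enabled"] is True, mandatory=True),
    Rule("anti-virus running with signatures at most 7 days old",
         lambda s: s["av_running"] is True and s["av_signature_age_days"] <= 7, mandatory=True),
    Rule("anti-spyware present",
         lambda s: s["antispyware_present"] is True, mandatory=False),
    Rule("no missing critical OS patches",
         lambda s: s["missing_critical_patches"] == 0, mandatory=False),
]


def evaluate(rule: Rule, scan: Scan) -> bool:
    """A scan that cannot answer a question (missing key, wrong type) fails
    that rule: an endpoint that will not report its state is not trusted."""
    try:
        return bool(rule.passes(scan))
    except (KeyError, TypeError):
        return False


def compare(scan: Scan, policy: List[Rule] = POLICY) -> Tuple[str, List[str]]:
    """COMPARE step: returns the access decision and the names of failed rules."""
    failed = [r for r in policy if not evaluate(r, scan)]
    if not failed:
        decision = "Allow"
    elif any(r.mandatory for r in failed):
        decision = "Decline"
    else:
        decision = "Partial Pass"   # e.g. balance enquiry only, no payments
    return decision, [r.name for r in failed]


# Constructed scan results, i.e. what the file/process/registry/OS scans report.
HEALTHY = {"firewall_enabled": True, "av_running": True, "av_signature_age_days": 2,
           "antispyware_present": True, "missing_critical_patches": 0}
UNPATCHED = dict(HEALTHY, antispyware_present=False, missing_critical_patches=3)
NO_AV = dict(HEALTHY, av_running=False)
SILENT = {"firewall_enabled": True}   # scan agent could not inventory the rest

if __name__ == "__main__":
    for label, scan in [("healthy", HEALTHY), ("unpatched", UNPATCHED),
                        ("no AV", NO_AV), ("silent", SILENT)]:
        print(f"{label:10s} {compare(scan)}")
```

The point of returning the failed rule names alongside the decision is that a Partial Pass session needs to tell the user what to fix, and the audit log needs to record why a device was declined; a bare Allow/Decline loses both.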
Summary
  The sophistication of identity fraud schemes is increasing
  Authentication deployments are converging on:
    Hybrid solutions: more than one authentication method per end-user
    Risk-based authentication
    Endpoint security assessment
  Choose a technology that
    Does not lock you in
    Provides the entire solution, from authentication to endpoint assessment to abolishment
Questions and Answers
E-mail: tejas.lagad@nexussafe.com
Mobile: +91 99229 39931
Twitter: @Ltejas