El-Serngawy et al., 2015 - Google Patents
Captureme: Attacking the user credential in mobile banking applicationsEl-Serngawy et al., 2015
- Document ID
- 9814702230669777941
- Author
- El-Serngawy M
- Talhi C
- Publication year
- Publication venue
- 2015 IEEE Trustcom/BigDataSE/ISPA
External Links
Snippet
Recently, the wide use of smart devices (phones and tablets) encourage financial institution  to consider mobile banking applications as a necessity service to their clients. In this paper,  we propose a screenshot attack" CaptureMe" to investigate the security risks of the … 
    - 238000000034 method 0 abstract description 52
Classifications
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/00006—Acquiring or recognising fingerprints or palmprints
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/20—Image acquisition
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/36—Image preprocessing, i.e. processing the image information without deciding about the identity of the image
- G06K9/46—Extraction of features or characteristics of the image
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
 
- 
        - G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
 
Similar Documents
| Publication | Publication Date | Title | 
|---|---|---|
| US10038690B2 (en) | Multifactor authentication processing using two or more devices | |
| KR100812411B1 (en) | Method and system for graphic image authentication | |
| US10395065B2 (en) | Password protection under close input observation based on dynamic multi-value keyboard mapping | |
| US20040073809A1 (en) | System and method for securing a user verification on a network using cursor control | |
| US20170201547A1 (en) | Methods and systems to detect attacks on internet transactions | |
| CN104200150B (en) | Method and device for processing verification codes | |
| ES2937143T3 (en) | Procedure for monitoring and protecting access to an online service | |
| CN106850503B (en) | Login-free identity authentication method and device | |
| Marforio et al. | Evaluation of personalized security indicators as an anti-phishing mechanism for smartphone applications | |
| US8893034B2 (en) | Motion enabled multi-frame challenge-response test | |
| US12192233B2 (en) | Systems and methods for phishing attack protection based on identity provider verification | |
| ES2965391T3 (en) | Method of monitoring and protecting access to an online service | |
| CN114363088B (en) | Method and device for requesting data | |
| US20230065787A1 (en) | Detection of phishing websites using machine learning | |
| Konoth et al. | Securepay: Strengthening two-factor authentication for arbitrary transactions | |
| ES2967194T3 (en) | Method of monitoring and protecting access to an online service | |
| Fernandes et al. | Tivos: Trusted visual i/o paths for android | |
| US20180124034A1 (en) | Image based method, system and computer program product to authenticate user identity | |
| Fernando et al. | Challenges and opportunities in password management: a review of current solutions | |
| El-Serngawy et al. | Captureme: Attacking the user credential in mobile banking applications | |
| Arun Kumar et al. | A survey on graphical authentication system resisting shoulder surfing attack | |
| KR20130085566A (en) | Apparatus and method of authentifying password using captcha | |
| Boutin | The evolution of webinjects | |
| Lee et al. | Vulnerability analysis on the image‐based authentication: Through the WM_INPUT message | |
| Hydara et al. | The limitations of cross-site scripting vulnerabilities detection and removal techniques |