We register new cases of phishing and bank fraud every day. We and the BSI would like to point out that you should use two-factor authentication for logins if possible. It is also recommended that you do not forgo TAN procedures when banking online, even if your bank offers you more convenient alternatives.

Thanks to online banking and banking apps, it is now easily possible to check the current account balance or make transfers PC or on the go using your smartphone online banking is a preferred target for cyber criminals who want to intercept sensitive data and empty accounts. TAN , which is now considered insecure . To secure themselves, online banking users have to prove their identity with two different, independent components. In order to protect bank accounts from unauthorized access and to ensure a higher level of security, different variants of TAN procedures are used for transactions initiated online. The TAN is generated once immediately before the transaction.

With the mTAN process, authentication takes place over two separate channels, with each individual TAN being sent by the bank to the customer's smartphone, who then enters it on the computer for confirmation. However, if only one device is used for mobile banking, there is only one channel for authentication, which should be avoided at all costs. Another option for online banking is identification using an external reader, such as the chip TAN and photo TAN procedures. While with the chip TAN process the transfer data is verified by reading the debit card in a TAN generator, with Photo-TAN a reader reads a graphic on the display of the smartphone or computer and decrypts it. The chip TAN procedure is currently considered one of the safest procedures.

For all procedures, however, the fact that the device used is infected with malicious software can lead to cyber criminals spying on the authentication process and making transfers without the knowledge of the account owner. In addition to phishing attacks, banking Trojans are among the most common threats. Both methods aim to spy on communication with the bank in order to obtain PINs and TANs. In this way, a Trojan can spy out access data unnoticed. This data is then used, for example, to redirect an SMS using the m-TAN procedure and initiate a transfer to a third-party account. Users should be aware of the risks and dangers that accessing their bank account via the Internet can entail.

Further safety information

  • When it comes to mobile banking, it's not just the security risks known from online banking on your home PC that are important - there are also other risks associated with mobile internet use. This is another reason why it is important to protect your smartphone and regularly install available updates.
  • There is also potential for danger when downloading a banking app. When it comes to banking apps, users should critically check whether the software is from their credit institution or a reputable financial service provider and only download apps from a certified app store.
  • In general, users should not set up an automatic login for a banking app or save access data on the smartphone used for online banking.
  • Customers usually receive detailed security instructions for using mobile banking and online banking from their respective bank or savings bank.

Source: www.bsi-fuer-buerger.de


If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:

📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.

Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!

* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )