Thursday, October 24, 2013

Online banking by mTAN procedure - Safe? Certainly not! - Sü

news on Sü money

Sü Set as Home Note Do not show Close

24 October 2013 19:36

bank customers need to worry, because for the first time scammers have systematically tricked a system that was thought to be relatively well protected. But there can be no final security for online banking. It is all the more important that the banks pay for possible damage.

A comment from Harald Freiberger

Something is happening here, but you do not know what it is. The recent series of fraud in online banking has deeply troubled bank customers. First time offenders have systematically undermined a system that had previously been considered relatively safe: the mTAN process in which the client initiates a transfer on the computer, required for this transaction number gets on the phone by SMS. For safe keeping the method, because there are two separate systems are involved, which can not be so easily fooled. You thought. But now it has happened, at least seven times throughout the country.

worrying are the cases also because the scammers captured enormous sums. In one case, there were 77,000 euros, 58,000 euros in another, in two other cases together 200,000 euros. This means that the offender must have previously researched almost where the fraud worthwhile. Therefore, the victims had so much money on their accounts because they intended to buy a property. Of the dubious transactions they knew nothing. The money was suddenly gone, just like that.

fraud Series is a further proof of the thesis of experts that there is no 100 percent security for online banking. The mTAN procedure was introduced about two years ago by many banks because the previous method had been found to be susceptible. In ancient times there were lists with transaction numbers that online customers were sent on paper. When these were fished out by scammers, they developed the iTan process with a numbered list Tan, in a certain Tan before any transaction is requested. But also because it always came back to fraud. The mTAN procedure seemed to be a way out – until now. It is a hare and hedgehog race where fraudsters take over the role of the Hedgehog, and say I’m all here


a Trojan peered the scam victim out of the computer

What remains

customers who still want it, convenient to do their banking on the computer? After all, in Germany there are 50 million online account. In the current case of fraud it was so that the perpetrators first spied the computer of those affected. Usually runs about a trojan, a spyware that installs itself when the user clicks on a fraudulent link. The best protection against this is initially a current virus software and basic care with prompts to click anything. Banks do not send such requests.

Cracking the computer apparently also meant that the perpetrators of data approach came to the mobile phone contract that was stored on the computer. With this they were able to make the contract with the provider by phone unlock for another SIM card, which they had previously worried. The best protection against the double deception is to keep the two systems separate, so you do not store data on the mobile computer. But that is easier said than done. Many mobile operators send the bills no longer post, but only online.


two other methods that have not yet proven to be resistant against fraud. One hand there is the tan-generator, a small separate device, you just plug in the debit card and the tan produced in the interaction with the computer only. The problem here is that it does not offer all banks. And there are the so-called HBCI process in which an encryption appliance is installed directly on the computer, and the 50 to 100 euros costs.

Banks must ensure the security of transactions

But above all is the proposition that there is no final security. It is even more important for consumers to have confidence that the bank pays for the damage in case of fraud. The case law is clear: if the customer could not prevent damage, because he knew nothing of the fraud, as was evident in the current cases, the bank is liable. Nevertheless, it happens that victims are put off for weeks. This is especially unreasonable when it comes to large sums of money, sometimes to the entire saved.

banks save money, time and personnel, if the customer does his own affairs. It is their job to ensure the safety of these transactions, and where gaps open up, red tape to compensate. Otherwise, intensified by the customer’s sense of insecurity and confidence in the banks, that is after a yes slogan the beginning of everything, continues to fade.

More data-abbr=”hf”> Harald Freiberger

See more room tips id=”functions” data-bind=”articleFunctions”>
  • sending
  • Discuss
  • feedback to editors
  • copy short URL

    URL is copied to the clipboard

  • copy short URL

    Please copy the URL manually.


  • source and Editor: SZ on 25.10.2013/sks

    Now most read on the home page of

    spying of Merkel cell phone espionage against U.S. embassy

    problems with mTAN method Nationwide Series fraud in online banking

    Exclusive Up to 200,000 EUR away just like that: The police has registered at least seven cases of fraud in the so-called mTAN procedure in recent weeks, the criminals peeking in online banking mass data of bank customers. from, and obtain large sums of money via SMS. supposedly safe to mTAN procedure there are alternatives. By Harald Freiberger more …

    mTAN for online banking simply debited € 77826.33

    By Harald Freiberger more …

    Reading Tip of the current SZ: “The murderer is not looking to”

    Wolfgang subfield hunts for 30 years, great insurance scam. Now tell the investigators why some husbands get away with killing her, Woman, why half of the rip-offs to manage hundreds of thousands of euros – and how often wanted him out of the way criminals. Let’s talk about money. Read now …

    See more room tips class=”departments”>

  • News
  • Policy
  • Panorama
  • Culture
  • Economy
  • Sports
  • Munich
  • Bavaria
  • Digital
  • car
  • Travel
  • video
  • knowledge
  • money
  • life
  • style
  • Career
  • Education
  • media
  • health
  • See more room tips class=”business”>

  • Privacy
  • Usage-based online advertising
  • Media
  • Newsletter
  • Conditions
  • Contact Us
  • Copyright © Süddeutsche Zeitung Digital Media GmbH / Süddeutsche Zeitung GmbH

    article in the Süddeutsche Zeitung licensed by DIZ München GmbH More about exclusive licensing

    No comments:

    Post a Comment