Insecure Real-World Authentication Protocols (or Why Phishing is so Profitable)

Richard Clayton
Thirteenth Cambridge Protocols Workshop, Sidney Sussex, 2005.


The users of online banking systems are currently at risk from phishing scams. Confidence tricksters persuade them to visit fraudulent websites and use their authentication credentials to steal from the victims‘ accounts. We analyse the authentication protocols used for  online banking, and that they are entirely inadequate, and consider how to improve systems design so as to discourage attacks.

[Full Article], [Slides]

Schreibe einen Kommentar