Contact
QR code for the current URL

Story Box-ID: 306839

ENISA - European Network and Information Security Agency P.O. Box 1309 71001 Heraklion, Crete, Greece http://www.enisa.europa.eu
Contact Mr Ulf Bergström +30 694 846 0143
Company logo of ENISA - European Network and Information Security Agency
ENISA - European Network and Information Security Agency

ENISA launches new Position Paper on security risks in online banking through European eID cards

(PresseBox) (Heraklion, Crete, )
The EU's 'cyber security' Agency, ENISA (the European Network and Information Security Agency) today presents its new Position Paper. The paper is focusing on authentication risks with European eID Cards. It analyses 7 vulnerabilities, identifies 15 threats and gives security recommendations.

Major European eID interoperability projects, such as STORK and its successor ELSA are aiming at a Europeanwide takeup of new technologies. In this context, ENISA takes an independent look at the security risks related to online banking authentication by comparing smart eID cards with other authentication means in its latest Position Paper.

Online banking in one of the most widelyused electronic services by European consumers. It is a strategic service for financial institutions and users. With 24 hour service availability, it is extremely convenient. It is often without any extra costs; or even at reduced costs compared to traditional banking processes. However, online banking fraud is on the rise. Thus, security is a major concern both for online banking, e.g. tax declarations. The report also includes a case study on privacy issues when authenticating with smart cards to online social networks.

The Agency report explains that because more and more internet applications require authentication, more standardized approaches to user identification and authentication are needed. In Europe, several states have already rolled out electronic ID cards. The first steps when we use internet services are usually to identify ourselves by our names and then authenticate that it is us. The security levels for these steps can vary from a simple combination of username, password, through a secret PIN, to credentials generated by some external device or a smart card using cryptography. Smart cards are increasingly being used for authentication purposes. Many European identity cards contain a smartcard chip, with functionalities for online authentication.

The ENISA Position Paper defines a comprehensive list of requirements for national ID cards to ensure that they become as flexible and as multipurpose as possible.

The Executive Director of ENISA Dr Udo Helmbrecht concludes: "Electronic identity cards offer secure, reliable electronic authentication to Internet services, but banks and governments must cooperate better to be able to use national eID cards for banking purposes."

Download the full report:

http://www.enisa.europa.eu/...

For interviews:

Ulf Bergstrom, Press & Communications Officer, ENISA, press@enisa.europa.eu, Mobile: + 30 6948 460143
The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.
Important note:

Systematic data storage as well as the use of even parts of this database are only permitted with the written consent of unn | UNITED NEWS NETWORK GmbH.

unn | UNITED NEWS NETWORK GmbH 2002–2024, All rights reserved

The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.