comscore Apple iOS 12 feature exposes users to online banking fraud | BGR India

Apple iOS 12 feature exposes users to online banking fraud

The new auto-fill feature takes away the human validation aspect from a transaction, exposing users to banking fraud.

  • Published: July 4, 2018 4:00 PM IST

With the new iOS 12, Apple introduced a new range of features that help boost the performance and the experience on the iPhone. One of the key features introduced with iOS 12 is the security code auto-fill feature that is said to make the two-factor authentication easy by the automatically entering the OTP received via an SMS. However, a new report shows that the feature, instead of improving security, makes users more susceptible to online banking fraud. Also Read - Apple iOS 14 and iPadOS 14 public beta released with redesigned homescreen, scribble, compact UI and more new features

Also Read - iPhone 12 leaked packaging suggests Apple could drop charger and earpods: Report

Andreas Gutmann, a researcher at OneSpan s Cambridge Innovation Centre notes that the human validation is an important aspect of the two-factor authentication. It is what adds the security benefit. However, iOS 12 s feature takes away exactly that from the entire process. Also Read - Apple iOS 13.5.1 update introduced an infuriating bug

The report suggest this to be a big probelm for transaction authentication. These are aimed at getting the correctness of the intention of an action, rather than the identity of a user. It is most widely used in online banking, and in particular as a way to meet the EU s Revised Payment Services Directive (PSD2) requirement for dynamic linking, where it is an essential tool to defend against sophisticated attacks.

Watch: Apple iOS 12 features

Gutmann notes that this could expose users to online banking frauds as these kinds of transaction authentication are generally used for banking. For example, it will be possible for someone to trick user into transferring money to a different account. Threats also include man-in-the-middle, phishing, social engineering attacks through phishing tools such as Man-in-the-Browser malware.

For the latest tech news across the world, latest PC and Mobile games, tips & tricks, top-notch gadget reviews of most exciting releases follow BGR India’s Facebook, Twitter, subscribe our YouTube Channel.
  • Published Date: July 4, 2018 4:00 PM IST

new arrivals in india

Best Sellers