/>
X

SMS tokens are vulnerable to interception, experts warn

SMS tokens used to validate payments could be targeted by criminals as they open up more vulnerabilities in the mobile channel, RSA has warned
darren-pauli.jpg
Written by Darren Pauli on

Attacks on mobile phones will increase this year as criminals attempt to intercept SMS-based authentication tokens, according to security company RSA.

The tokens are designed to complement username and password log-in checks by requiring users to validate payments with unique numerical codes, in this instance sent by SMS. The Commonwealth Bank of Australia claims to have 80 percent of its customer base using tokens to validate third-party payments via SMS or through safer handheld token number generators.

However, RSA has said in a 2011 predictions report that sending tokens via SMS will make phones a target. "The use of out-of-band authentication SMS... as an additional layer of security adds to the vulnerabilities in the mobile channel," the company said in its report. "A criminal can... conduct a telephony denial-of-service attack which essentially renders a consumer's mobile device unavailable."

For more on this ZDNet UK-selected story, see SMS bank tokens vulnerable: RSA on ZDNet Australia.


Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.

Related

Apple politely explains why iPhone cases are a waste of money
Apple iPhone 13 Pro Max

Apple politely explains why iPhone cases are a waste of money

Apple
The 8 best iPhone models of 2022
iphone-12-models.png

The 8 best iPhone models of 2022

iPhone
Delta Air Lines just made a callous admission that customers may find galling
screen-shot-2022-07-18-at-5-18-46-pm.png

Delta Air Lines just made a callous admission that customers may find galling

Business