On the security and privacy of Interac e-Transfers
share
Nowadays, the Interac e-Transfer is one of the most important remote payment methods for Canadian consumers. To the best of our knowledge, this paper is the very first to examine the privacy and security of Interac e-Transfers. Experimental results show that the notifications sent to customers via email and SMS contain sensitive private information that can potentially be observed by third parties. Anyone with illegitimate intent can use this information to carry out attacks, including the fraudulent redirection of Standard e-Transfers. A recent news article supports this finding. Improvements to overcome these interconnected privacy and security problems are proposed and discussed.
READ FULL TEXT