[Tinkerphones] OT: Banking in Germany (was: Strategies for sustainable phones)
paul at boddie.org.uk
Sun Sep 22 13:21:35 CEST 2019
On Saturday 21. September 2019 21.33.22 Xavi Drudis Ferran wrote:
> El Sat, Sep 21, 2019 at 07:22:22PM +0200, H. Nikolaus Schaller deia:
> > > Am 21.09.2019 um 19:14 schrieb Martin <debacle at debian.org>:
> > >
> > >
> > > Note: I live in Germany and do not own a mobile phone. My bank
> > > uses the so-called "Sm at rt-TAN plus", where one inserts the bank
> > > card. It reads some flickering code from the screen and displays
> > > the TAN. It was less than 12 € in the electronics shop nearby.
It's an interesting but rather convoluted approach, almost sounding like a
distant relation of those "data watches" from thirty years ago or more.
Initially, when reading the above far too quickly, I just thought it was like
the system that at least one Swiss bank had (and probably still has) involving
a fairly basic smartcard reader with keypad and small LCD panel, into which a
specially issued card was inserted. The reader would then ask for a PIN and
some code from the online bank and then a response code would be given on the
panel to be typed into the banking interface.
This is rather more complicated than the system many Norwegian banks have used
which involves single-button, six-digit "RSA tokens" that just generate
numbers in a sequence. These tend to be incorporated into whatever
authentication mechanism each bank uses, but many of them now use a common
scheme called BankID that supports plain Web use: it used to be some dubious
Java application (not applet) that wanted to "check" your system, but now this
The BankID stuff is also available for phones, and I think this is a
combination of "app" and the use of a fundamental cellular technology for
storing the credentials, maybe in the SIM card or in a supposedly secure part
of the hardware. In principle, any phone supporting the basic cellular
technologies could support such mechanisms, but I don't know about the BankID
(Country- and industry-specific protocols can be stupidly secretive or
restrictive, driven by some ambition to establish broader adoption elsewhere
and for the initiators to be able to make lots of money with their "winning
> I do care about free and open, but I'd care even more in banking
> than other uses. I haven't researched this, but I've heard SMS
> security is long broken, and phones physical security seems to me very
SMS isn't secure, and I rather think that it is just assumed that the path
through the infrastructure will all be in the same data centre, from a server
in one rack to a server in another, and that the bad people won't be able to
find a way in. And let us not get started on unsigned, unencrypted e-mails
being fired around from institutions like banks...
> Pse. Mine is also a cooperative, but now it requires a mobile phone to
> operate. For many years it was enough with login and password, and for
> operations moving money, a printed code card (a small One-Time-Pad,
> which I left at home).
Printed cards were a feature of Norwegian banks before the code generator
tokens were introduced. They aren't a bad solution, but I guess the logistics
of having to print them and send them out are a hassle and an expense for the
> I mean being a cooperative is not immediately a silver bullet (but maybe
> the rest of banks are even worse).
I think the banking sectors in most countries still have a lot of skeletons in
their closets, despite having supposedly been reformed, audited, "stress-
tested" and so on.
P.S. Restrictive and unnecessarily complicated mechanisms for authentication
would undermine Bunnie's Betrusted concept which seeks to avoid security
problems with general-purpose devices:
More information about the Community