Towards a framework for handling disputes in payment systems
N. Asokan, Els Van Herreweghen, et al.
USENIX EC 1998
Automatic teller machines, Internet kiosks etc. are examples of public untrusted terminals which are used to access computer systems. One of the security concerns in such systems is the so called fake terminal attack: the attacker sets up a fake terminal and fools unsuspecting users into revealing sensitive information, such as PINs or private e-mail, in their attempt to use these terminals. In this paper, we examine this problem in different scenarios and propose appropriate solutions. Our basic approach is to find ways for a user to authenticate a public terminal before using it to process sensitive information.
N. Asokan, Els Van Herreweghen, et al.
USENIX EC 1998
N. Asokan, Victor Shoup, et al.
IEEE Journal on Selected Areas in Communications
Hervé Debar, Marc Dacier, et al.
Annales des Telecommunications/Annals of Telecommunications
Liqun Chen, Matthias Enzmann, et al.
FC 2005