|Main Archive Page > Month Archives > pen-test archives|
I'd just like to make some comments, i didn't think about a solution for your problem.
First of all i think that my Budi wibowo got something wrong regarding who is sending the PIN.
Second, GSM is cracked: http://reflextor.com/trac/a51 and can be intercepted and decrypted. You should take this into account.
Third i think the only farely safe way to make money transfers is with
transaction numbers, TANs. German banks send mobileTANs to
preregistered cell phone numbers to allow a transaction (through
online banking though).
A "three-way-handshake" with a mTAN should pretty much prevent transactions through spoofed numbers.
Absolute IT Consulting S.A.
San Josť, Costa Rica