23 | 09 | 1398
Main Menu

نرخ ارز

14.12.2019

  US$
نرخ مرجع    42.000   46.705

Sanarate (Bargeld, Vortag)

131.352 145.112

An Feiertagen werden keine Devisenraten veröffentlicht. Quellen:  www.cbi.ir;  sanarate.ir

آگهی

 

 

آخرین اخبار و اطلاعات اقتصادی
پر بیننده ترین مطالب

صفحه اصلی

Static Debit Card Passwords Expire Dec 22

Financial Tribune:   With the launch of one-time password for debit cards on December 22, all static passwords will be deactivated, the vice central bank governor for innovative technologies, said.  Mehran Moharamian said grounds are paved for launching the OTP by the beginning of the next calendar month on Dec. 22, and banks are informing customers about the plan, IBENA reported. Earlier in the month the Central Bank of Iran announced a deadline based on which using the OTP would be obligatory for all non-card transactions from Dec. 22.  The CBI said banks and credit institutions are ready to offer OTP services, asking customers to activate the service before the deadline expires. With the mandatory deadline approaching, there are far too many bank customers concerned about how the system will take effect. 

In the meantime banks have started sending text messages inviting customers to activate OTP for their debit cards by installing a special application on their smart phones. This is while most clients have accounts in more than one bank and obliging them to install multiple e-bank soft­ware would be one more hassle. Moreover, there are clients who don’t have smart phones to run the application or simply cannot use the application. To address these concerns, Mohara­mian said the CBI has developed a centralized system, dubbed Harim, for offering OTP via the short message service (SMS). The system would enable all customers to use OTP services.  

 

Security Risks

Moharamian added that banks have not yet connected to the CBI’s new system, saying the platform will be up and running before the deadline. This is while, observers say offering OTP via SMS platform will pose security risks while also overburdening the telecommunication net­work. The one-time password, developed to address shortcomings of static passwords, is a code valid for a single login or online transaction on a computer system or other digital devices that gets discarded in 60 seconds. 

This means that a potential intruder who manages to record an OTP that was already used to log into a service or make a transaction, will not be able to abuse it because it will no longer be valid. The crucial role of OTPs is that unlike static passwords, they are not vulnerable to replay attacks.  An OTP is more secure than a static password, especially a user-created password, which may be weak or reused across multiple accounts.