Difference between revisions of "Flicker"
(ccc-ffm link) |
(→Approaches: Review of irc logs for links complete) |
||
| Line 34: | Line 34: | ||
===Modules=== | ===Modules=== | ||
An MIT-licensed javascript implementation is available at https://github.com/my-flow/fintex/blob/master/lib/tan/flicker_code.ex | An MIT-licensed javascript implementation is available at https://github.com/my-flow/fintex/blob/master/lib/tan/flicker_code.ex | ||
| + | ==Security== | ||
| + | Already in 2009 was shown that it is not totally secure against man in the middle attacks: | ||
| + | https://www.redteam-pentesting.de/en/publications/MitM-chipTAN-comfort/-man-in-the-middle-attacks-against-the-chiptan-comfort-online-banking-system | ||
Revision as of 22:19, 27 July 2017
This page is a collection of information about FinTS Flicker Code. The more official term is optical ChipTAN, another name is Sm@rtTAN.
Contents
Intro
Requests
Several users asked for it:
https://bugzilla.gnome.org/show_bug.cgi?id=667490 - Support aqbanking feature: optical chip tan
Official Specs
State: 2017-07-25
Other Details
https://wiki.ccc-ffm.de/projekte:tangenerator:start has useful links like
- flicker.sh
- JS Flickercode generator with Checksum calculation: http://6xq.net/blog/2010/flickercodes/flickercode.html
Videos
Initialization: https://www.youtube.com/watch?v=mCmQFEGf-_k
Transaction: https://www.youtube.com/watch?v=U7PnC1S-j4I
Approaches
Programs
Olaf Willuhn's GPL2ed Java based Hibiscus has also a nice german wiki and other links.
A incomplete list of FOSS banking software
Modules
An MIT-licensed javascript implementation is available at https://github.com/my-flow/fintex/blob/master/lib/tan/flicker_code.ex
Security
Already in 2009 was shown that it is not totally secure against man in the middle attacks: https://www.redteam-pentesting.de/en/publications/MitM-chipTAN-comfort/-man-in-the-middle-attacks-against-the-chiptan-comfort-online-banking-system
