How to prevent Man-in-the-Middle attacks

Man-in-the-Middle (MITM) attacks have become a very popular method for hackers to gain access to sensitive information, steal credentials or infect endpoints, for instance for ransomware attacks. For retail banks or other financial service companies, Man-in-the-Middle attacks are a true nightmare as ever more people are using mobile devices to perform financial transactions. TrustBuilder Mobile Authenticator brings unique Multi-Factor Authentication (MFA) features that can prevent this type of attack.

Main in the middle blog

A Man-in-the-Middle attack happens when a hacker intercepts communication between two parties who think they are communicating directly. This can happen, for example, when you log into a public Wi-Fi access point in a restaurant, a bar or any other public place. The access point you are using may be someone posing to be a Wi-Fi connection. At that moment, that access point becomes a Man-in-the-Middle.

Why are Man-in-the-Middle attacks dangerous?

By redirecting all your traffic through that malicious device, the Man-in-the-Middle can do a number of things:

  • Steal credit card numbers;
  • Capture and store all information that you send for later analysis;
  • Learn your credentials for login to your bank account;
  • Steal your personal information to use for identity theft;
  • Manipulate the content of what you are sending – for instance by changing the recipient’s bank account number and the amount of a transfer you are making;
  • Redirect you to malicious websites that are hosting malware, for instance to infect you with ransomware.

This type of attack does not only happen in communication between people and servers. Increasingly, MITM attacks happen in machine-to-machine (M2M) communication. The explosion in the number of Internet of Things (IoT) devices being deployed is a dream come true for hackers.

By the way, Man-in-the-Middle attacks are not always inspired by hackers for financial gain. State organizations have been found using the technique to spy on their citizens or on other state’s citizens. And in the Syrian civil war, MITM attacks have succeeded in breaking down a core part of the Syrian internet infrastructure, leaving part of the country without internet access.

How can you prevent Man-in-the-Middle attacks?

MITM attacks are an old technique. When Internet was still very expensive, companies used proxies to reduce costs. A website would be temporarily downloaded to the proxy server, and the user would access this ‘local’ version of the website. if a special request was done, the proxy would contact the server for the updated results. A MITM attack uses this same technique, where the hacker will store a local copy of the server on his proxy. If the victim then wants to wire an amount, the hacker can alter this information to the ‛real’ server, without the user ever realizing he’s not accessing his banking app.

Security specialists have been looking for solutions to this for the last couple of decades. Encrypting data is an obvious form of defense, but not 100% effective: a hacker may still be able to redirect you to malicious sites to infect your endpoint and gain access to your corporate network later. Other mechanisms that are often recommended include using VPNs, firewalls, antivirus and antimalware software, using password managers, etc. And, of course, it does help to raise awareness of users not to click on suspicious links and to keep all software patched and updated. However, all of these defense techniques may found to be lacking to fend off all Man-in-the-Middle attacks.

Why TrustBuilder Mobile Authenticator is your best defense against Man-in-the-Middle attacks

The PSD2 regulation imposes Strong Customer Authentication (SCA) for financial transactions, and this has certainly given a boost to the use of Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA). But as we know, Oath Authenticators (using shared secrets) are not always safe, nor are One Time Passwords (OTP) sent over SMS.

TrustBuilder Mobile Authenticator is safer than these other methods, as we use Out-of-Band: when you want to perform a transaction, you ask the application you are using to send you a push notification. This push notification is sent over a different carrier than the connection to the app. This means a Man-in-the-Middle cannot intercept, change or use this push notification. TrustBuilder Mobile Authenticator combines this with asymmetric cryptography and device binding, making security airtight.

Beside protecting against Man-in-the-Middle attacks, TrustBuilder Mobile Authenticator brings a lot of extra advantages to both consumer and financial service companies or other companies interested in combining user experience with ultimate security. Check out our TrustBuilder Mobile Authenticator for more on Multi-Factor Authentication or contact us for more information.

Author

Frank Hamerlinck

Frank Hamerlinck

As co-founder of global trade management leader Porthus, customer experience platform NGDATA, and strategic consulting services company innacco, Frank embodies the entrepreneurial mindset. His 20+ years of ICT experience is complemented by his position as ‘Entrepreneur in Residence’ at iMinds and coach at Netwerk Ondernemen.

Related articles

Argenta signs long-term partnership with TrustBuilder
Banking and insurance group Argenta has broken open its existing contracts with TrustBuilder. For the next five years, Belgium's fifth largest bank will continue to protect its applications for customers with TrustBuilder's IAM solution. As a part of the new agreement, Argenta will switch to our cloud-native version TrustBuilder.io.
The insurance industry needs to change to survive
Going digital is a strategic imperative for the insurance industry. According to a recent report by McKinsey, insurance companies will need to make bold moves if they want to survive. Insurers need to offer seamless digital customer journeys, and IAM is a keystone in building the right foundation.
How personas take Single Sign-on to the next level
Ever more companies are catching on to single sign-on, to increase the productivity of their employees, or to reduce the hurdle for customers when they authenticate for various applications offered by the organization. By combining SSO with the notion of personas, organizations can now make SSO even more user-friendly and secure.

Book a meeting

Engage in a chat with our product people to discuss IAM trends and challenges, and our solutions.

Request a Maturity Assessment

Take our Maturity Assessment to find out how you can accelerate your digital transformation.

Schedule a demo

Experience the power of TrustBuilder.io Suite through a demo, personalized to your challenges.

Contact us

Visit our offices, send us a mail, call us, or simply fill out a contact form.