How to prevent Man-in-the-Middle attacks

Man-in-the-Middle (MITM) attacks have become a very popular method for hackers to gain access to sensitive information, steal credentials or infect endpoints, for instance as a first step in ransomware attacks. For retail banks and other financial service companies, Man-in-the-Middle attacks are a true nightmare, as ever more people use mobile devices to perform financial transactions. TrustBuilder Mobile Authenticator brings unique Multi-Factor Authentication (MFA) features that can prevent this type of attack.


A Man-in-the-Middle attack happens when a hacker intercepts communication between two parties who think they are communicating directly. This can happen, for example, when you log into a public Wi-Fi access point in a restaurant, a bar or any other public place. The access point you are using may be a device set up by someone to pose as a legitimate Wi-Fi connection. From that moment on, that access point is a Man-in-the-Middle.

Why are Man-in-the-Middle attacks dangerous?

By redirecting all your traffic through that malicious device, the Man-in-the-Middle can do a number of things:

  • Steal credit card numbers;
  • Capture and store all information that you send for later analysis;
  • Learn your credentials for login to your bank account;
  • Steal your personal information to use for identity theft;
  • Manipulate the content of what you are sending – for instance by changing the recipient’s bank account number and the amount of a transfer you are making;
  • Redirect you to malicious websites that are hosting malware, for instance to infect you with ransomware.

This type of attack does not only happen in communication between people and servers. Increasingly, MITM attacks happen in machine-to-machine (M2M) communication. The explosion in the number of Internet of Things (IoT) devices being deployed is a dream come true for hackers.

By the way, Man-in-the-Middle attacks are not always carried out by hackers for financial gain. State organizations have been found using the technique to spy on their own citizens or on other states’ citizens. And in the Syrian civil war, MITM attacks have succeeded in breaking down a core part of the Syrian internet infrastructure, leaving part of the country without internet access.

How can you prevent Man-in-the-Middle attacks?

MITM attacks are an old technique. When Internet access was still very expensive, companies used proxies to reduce costs. A website would be temporarily downloaded to the proxy server, and the user would access this ‘local’ version of the website. If a specific request was made, the proxy would contact the server for the updated results. A MITM attack uses this same technique: the hacker stores a local copy of the server on his proxy. If the victim then wants to wire an amount, the hacker can alter this information before forwarding it to the ‘real’ server, without the user ever realizing he is not talking directly to his banking app.

Security specialists have been looking for solutions to this for the last couple of decades. Encrypting data is an obvious form of defense, but not 100% effective: a hacker may still be able to redirect you to malicious sites to infect your endpoint and gain access to your corporate network later. Other mechanisms that are often recommended include using VPNs, firewalls, antivirus and antimalware software, password managers, etc. And, of course, it does help to raise user awareness not to click on suspicious links, and to keep all software patched and updated. However, all of these defense techniques may be found lacking when it comes to fending off every Man-in-the-Middle attack.

Why TrustBuilder Mobile Authenticator is your best defense against Man-in-the-Middle attacks

The PSD2 regulation imposes Strong Customer Authentication (SCA) for financial transactions, and this has certainly given a boost to the use of Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA). But as we know, OATH authenticators (which rely on shared secrets) are not always safe, nor are One-Time Passwords (OTP) sent over SMS.

TrustBuilder Mobile Authenticator is safer than these other methods, as it uses an out-of-band channel: when you want to perform a transaction, you ask the application you are using to send you a push notification. This push notification travels over a different carrier than the connection to the app. This means a Man-in-the-Middle sitting on that connection cannot intercept, change or use the push notification. TrustBuilder Mobile Authenticator combines this with asymmetric cryptography and device binding, making security airtight.
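To make the three ingredients named above concrete, here is a small simulation of an out-of-band transaction approval. It is an added illustration, not TrustBuilder's code or a description of its protocol: the bank side issues a one-time challenge carrying the exact transfer details, the authenticator shows those details to the user and signs them with a private key that never leaves the device, and the bank verifies the signature against the public key enrolled for that device. The choice of Ed25519, the canonical string format, the placeholder account numbers and the modelling of the push channel as a direct function call are all assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// Transfer holds the details the user must confirm. Account numbers are
// constructed placeholders, not real IBANs.
type Transfer struct {
	Recipient   string
	AmountCents int64
}

// canonical returns the exact bytes that get signed. Bank and device build
// them independently, so the signature is bound to nonce and transfer details.
func canonical(nonce []byte, t Transfer) []byte {
	return []byte(fmt.Sprintf("%s|%s|%d", hex.EncodeToString(nonce), t.Recipient, t.AmountCents))
}

// Challenge is what the bank sends over the out-of-band (push) channel.
type Challenge struct {
	ID    string
	Nonce []byte
	Tx    Transfer
}

// Bank keeps the public key enrolled per device (device binding) and the
// challenges it has issued but not yet consumed.
type Bank struct {
	devices map[string]ed25519.PublicKey
	pending map[string]Challenge
}

func NewBank() *Bank {
	return &Bank{devices: map[string]ed25519.PublicKey{}, pending: map[string]Challenge{}}
}

// Enroll binds a device's public key to its ID at registration time.
func (b *Bank) Enroll(deviceID string, pub ed25519.PublicKey) { b.devices[deviceID] = pub }

// IssueChallenge runs when a transfer request arrives over the in-band channel.
func (b *Bank) IssueChallenge(tx Transfer) Challenge {
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	c := Challenge{ID: hex.EncodeToString(nonce[:8]), Nonce: nonce, Tx: tx}
	b.pending[c.ID] = c
	return c
}

// VerifyApproval accepts only a fresh challenge signed by the enrolled key.
func (b *Bank) VerifyApproval(deviceID, challengeID string, sig []byte) error {
	c, ok := b.pending[challengeID]
	if !ok {
		return errors.New("unknown or already used challenge")
	}
	pub, ok := b.devices[deviceID]
	if !ok {
		return errors.New("device not enrolled")
	}
	if !ed25519.Verify(pub, canonical(c.Nonce, c.Tx), sig) {
		return errors.New("signature does not match enrolled device key")
	}
	delete(b.pending, challengeID) // single use, so a replayed approval fails
	return nil
}

// Device is the authenticator app; the private key stays on the device.
type Device struct {
	ID   string
	priv ed25519.PrivateKey
}

func NewDevice(id string) (*Device, ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Device{ID: id, priv: priv}, pub
}

// Approve stands in for the user reading the push: it signs only when the
// pushed details equal the transfer the user actually intended.
func (d *Device) Approve(c Challenge, intended Transfer) ([]byte, error) {
	if c.Tx != intended {
		return nil, fmt.Errorf("user rejects: push shows %+v, intended %+v", c.Tx, intended)
	}
	return ed25519.Sign(d.priv, canonical(c.Nonce, c.Tx)), nil
}

// RunScenarios exercises the honest flow and three failure modes.
func RunScenarios() map[string]bool {
	bank := NewBank()
	dev, pub := NewDevice("phone-1")
	bank.Enroll(dev.ID, pub)
	intended := Transfer{Recipient: "BE00 EXAMPLE 0001", AmountCents: 10000}
	out := map[string]bool{}

	// 1. Unmodified request: push matches what the user intended, approval verifies.
	c := bank.IssueChallenge(intended)
	sig, err := dev.Approve(c, intended)
	out["honest_ok"] = err == nil && bank.VerifyApproval(dev.ID, c.ID, sig) == nil
	// 2. Replaying the same approval is rejected (challenge already consumed).
	out["replay_rejected"] = bank.VerifyApproval(dev.ID, c.ID, sig) != nil
	// 3. Recipient and amount altered in-band: the push shows the altered
	//    details, so the user refuses and no signature exists.
	tampered := Transfer{Recipient: "BE00 TAMPERED 9999", AmountCents: 500000}
	c2 := bank.IssueChallenge(tampered)
	_, err = dev.Approve(c2, intended)
	out["tampered_rejected"] = err != nil
	// 4. An approval signed with a key not bound to the device is rejected.
	_, rogue, _ := ed25519.GenerateKey(rand.Reader)
	out["forged_rejected"] = bank.VerifyApproval(dev.ID, c2.ID, ed25519.Sign(rogue, canonical(c2.Nonce, c2.Tx))) != nil
	return out
}

func main() {
	for k, v := range RunScenarios() {
		fmt.Printf("%s: %v\n", k, v)
	}
}
```

The point of the simulation is scenario 3: because the confirmation arrives over a channel the intermediary does not control and shows the details the bank actually received, an altered recipient or amount is visible to the user before anything is signed, while the device-bound key and single-use nonce close off forged and replayed approvals.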

Besides protecting against Man-in-the-Middle attacks, TrustBuilder Mobile Authenticator brings a lot of extra advantages to consumers, to financial service companies and to any other company interested in combining user experience with ultimate security. Check out our TrustBuilder Mobile Authenticator for more on Multi-Factor Authentication or contact us for more information.


Frank Hamerlinck

As co-founder of global trade management leader Porthus, customer experience platform NGDATA, and strategic consulting services company innacco, Frank embodies the entrepreneurial mindset. His 20+ years of ICT experience is complemented by his position as ‘Entrepreneur in Residence’ at iMinds and coach at Netwerk Ondernemen.
