YouTube

Got a YouTube account?

New: enable viewer-created translations and captions on your YouTube channel!

Shut Up and Take My Money! (33c3)

Get Embed Code
1 Language

https://media.ccc.de/v/33c3-7969-shut_up_and_take_my_money

The Red Pill of N26 Security

FinTechs increasingly cut the ground from under long-established banks’ feet. With a "Mobile First" strategy, many set their sights on bringing all financial tasks—checking the account balance, making transactions, arranging investments, and ordering an overdraft—on your smartphone. In a business area that was once entirely committed to security, Fintechs make a hip design and outstanding user experience their one and only priority. Even though this strategy is rewarded by rapidly increasing customer numbers, it also reveals a flawed understanding of security. With the example of the pan-European banking startup N26 (formerly Number26), we succeeded independently from the used device to leak customer data, manipulate transactions, and to entirely take over accounts to ultimately issue arbitrary transactions—even without credit.

['Vincent Haupert']