You are here

Keep your IBAN secret, it could be easily abused!

White Papers & Publications
22 May 2019

National press coverage: Approach has discovered a critical flaw in major online shops

They all speak about it: DataNews (FR), RTBF (FR), DataNews (NL), Regional IT (FR), ...

Your IBAN could be used by anyone to shop online – we successfully bought items for free on Amazon!

Our security experts recently discovered a simple but critical flaw in the payment process of some of the major online shops. Among credit cards and other secure payment methods, they allow their customers to pay by simply providing an IBAN account number. No password, no Digipass, or none other authentication method are required. How it works is that the money is automatically debited from the provided IBAN account number and the shopped items are delivered.

Want to know more about this?  Read our article written by our cyber security expert Pierre Alexis, with the technical advisory of DIGITEAL

Read our article

Share this publication