Table of contents:
Video: SmsTAN: Is It Safe And How Does It Work?
In order for you to be able to participate in the smsTAN process, you have to register with the bank with your mobile phone number, among other things. This will create a direct connection between your bank account and this registered cell phone number.
Important: This procedure is only suitable for you if you do not carry out your banking transactions on the same device on which you receive this SMS. The smsTAN must not be received on the mobile phone you use to do online banking.
How to get your smsTAN:
- Starts a transfer or a standing order for which you need a TAN.
- Fill out all necessary fields and send the form.
- You will be asked to enter a TAN as confirmation. At the same time, this TAN will be sent to your cell phone.
- Enter the TAN in the field and finally submit the form.
Start photo gallery (5 photos)
Is the smsTAN procedure really safe?
The Federal Office for Information Security (BSI) warns against the use of the smsTAN procedure. Since this is a largely unsecured and unencrypted transmission of the TAN, there is a risk that it will be intercepted or listened to by criminals.
What makes smsTAN seem unsafe at first glance is actually just a theoretical business game in which many factors have to come together to make things go wrong. Each TAN generated in this way ultimately refers to a very specific transaction in which the amount and the recipient have already been determined.
In order to make an smsTAN insecure, the attackers would have to be able to change the amount and the recipient of the payment at the same time without the sender noticing. However, this change would make a new TAN necessary.
The procedure is additionally secured by sending information about the amount and the recipient together with the TAN. So you can check again before using the TAN that everything is correct.
Deutsche Bundesbank - Changes in online banking
What are the alternatives to smsTAN?
After TAN lists have been banned, banks have to offer technical solutions. One of the oldest, but which some financial institutions no longer offer, is the smsTAN. There are also two other alternatives:
|chipTAN||With chipTAN, a bank or credit card with a chip is inserted into a reader. Then this device must read a flickering bar code or a QR code. After confirmation of the transaction data, an individual TAN is generated.|
|pushTAN||The pushTAN is similar to the smsTAN in that you have to register for it. Then a TAN is sent to an app on your mobile phone with every transaction.|
The chipTAN is the safest method because it uses special hardware (readers). But pushTAN also has advantages over smsTAN: the receiving app is protected by a password or biometric check. The data transfer is encrypted. You can also manually generate a disposable TAN on the readers or in the app if the cell phone is not connected.
Is the article helpful?
Yes No Comment
Your life is GIGA.
Help us to improve and please tell us:
Why is the article not helpful for you?
The information is out of date I have not received enough information The information is incorrect I disagree Other Send answer
Thank you, your GIGA team
Your opinion is important to us. Also like to discuss with us in the comments.
Window will close automatically in 6 seconds