Jill_X on
2 comments
I hate it, but unfortunately it makes sense.
People enter their private data (including LuxTrust credentials) on shady sites. Criminals could call them, and tell them a story why they need to confirm the push notification NOW (“your account is compromised, you need to confirm so we can block your cards” or stuff like that). Under stress, people believe pretty much everything.
After this change, this phishing method is no longer possible because you have to physically sit in front of the screen that you are trying to log in to. For now at least, those people are protected, until some criminal group finds a way around.
But like I said, I hate it and I’m considering opening an account at an online bank just because of this. The user experience is just horrible and could be much better if they work with actual UI designers and don’t let developers dictate how something has to work.
At first I was annoyed by the change. But it seems one step safer overall.
I’m not versed in cyber-security. I wonder if the added scanning of a QR code to retrieve the LuxTrust challenge, instead of the push notification, reduces the risk of some attacks.
I’m vaguely aware of SIM swapping and man-in-the-middle attacks. Those are attacks where you would not even be able to prove that you didn’t authorize a transaction, because it is your phone number that shows up officially.
So yeah, hopefully it is safer.