National press coverage: Approach has discovered a critical flaw in major online shops relating to IBAN
They all speak about the flaw with IBAN: DataNews (FR), RTBF (FR), DataNews (NL), Regional IT (FR), …
Your IBAN could be used by anyone to shop online. For example, we successfully bought items for free on Amazon!
Our security experts recently discovered a simple but critical flaw in the payment process of some of the major online shops. Among credit cards and other secure payment methods, they allow their customers to pay by simply providing an IBAN account number. No password, no Digipass, or no other authentication method are required. How it works is that the money is automatically debited from the provided IBAN account number. And the shopped items are delivered.
Want to know more about this? Read our article written by our cyber security expert Pierre Alexis, with the technical advisory of DIGITEAL.
