ITMediaLaw - Rechtsanwalt Marian Härtel

Security deficiencies in online banking: A look at a recent ruling by the Heilbronn Regional Court and the legal situation

11. October 2023
Key Facts
  • The digital transformation has made online banking popular, but has also increased security concerns.
  • A ruling by the Heilbronn Regional Court considers the use of banking and PushTAN apps on the same device to be inadequate.
  • Two-factor authentication (2FA) requires two independent elements from different categories for authentication.
  • If both apps are on the same device, the independence of the authentication elements is questionable.
  • A compromised smartphone can compromise both apps, which increases the risk of unauthorized access.
  • Banks may need to revise their security protocols and recommend separate devices.
  • The ruling calls on all parties involved to critically scrutinize security practices in online banking.

Introduction:


Digital transformation has made online banking a popular and convenient way to manage finances. But as online transactions increase, so does the number of security concerns and legal challenges. In my practice, I am currently experiencing a significant increase in mandates and mandate requests dealing with unlawful online banking debits. A recurring theme here is the question of whether users were negligent or whether the banks’ systems offered inadequate protection. A recent ruling by the Heilbronn Regional Court brings interesting insights to this discussion and sheds light on the practice of using banking apps and PushTAN apps on the same device.

Main part:

In the decision of the Heilbronn Regional Court (see Heilbronn Regional Court ruling), the use of a banking app together with a PushTAN app on the same smartphone was deemed insufficient. This ruling is based on the principles of two-factor authentication (2FA) set forth in Regulation (EU) No. 2018/389, better known as the Regulatory Technical Standards (RTS) for Strong Customer Authentication and Secure Communications.

The RTS specify that two independent elements are required for authentication, which must come from two different categories: knowledge (something only the user knows), possession (something only the user possesses), and inherence (something the user is). However, if both the banking app and the PushTAN app are installed on the same device, the question arises as to whether these elements are actually independent of each other.

The court’s concerns are clear: If the smartphone is compromised, e.g. by malware, both apps could be affected at the same time, which significantly increases the risk of unauthorized access to the bank account.

The implications of this ruling could be far-reaching. Banks may now be forced to revise their security protocols and encourage users to use separate devices for banking and TAN generation. This new requirement could be especially challenging for those who value the convenience of mobile banking and now need to reevaluate their security practices.

Conclusion:

The Heilbronn Regional Court’s ruling is a clear indication that security protocols in online banking need to be critically scrutinized and, if necessary, adapted. Both banks and customers should be prepared to take the necessary steps to ensure a secure online banking experience, even though this may involve some additional effort.
