• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

Security deficiencies in online banking: A look at a recent ruling by the Heilbronn Regional Court and the legal situation

11. October 2023
in Other
Reading Time: 2 mins read
0 0
A A
0
online banking 3559760 1280
Key Facts
  • The digital transformation has made online banking popular, but has also increased security concerns.
  • A ruling by the Heilbronn Regional Court considers the use of banking and PushTAN apps on the same device to be inadequate.
  • Two-factor authentication (2FA) requires two independent elements from different categories for authentication.
  • If both apps are on the same device, the independence of the authentication elements is questionable.
  • A compromised smartphone can compromise both apps, which increases the risk of unauthorized access.
  • Banks may need to revise their security protocols and recommend separate devices.
  • The ruling calls on all parties involved to critically scrutinize security practices in online banking.

Introduction:

Content Hide
1. Introduction:
2. Main part:
3. Graduation:
3.1. Author: Marian Härtel

Digital transformation has made online banking a popular and convenient way to manage finances. But as online transactions increase, so do the number of security concerns and legal challenges. In my practice, I am currently experiencing a significant increase in mandates and mandate requests dealing with unlawful online banking debits. A recurring theme here is the question of whether users were negligent or whether the banks’ systems offered inadequate protection. A recent ruling by the Heilbronn Regional Court brings interesting insights to this discussion and sheds light on the practice of using banking apps and PushTAN apps on the same device.

Main part:

In the decision of the Heilbronn Regional Court (see Heilbronn Regional Court ruling), the use of a banking app together with a PushTAN app on the same smartphone was deemed insufficient. This ruling is based on the principles of two-factor authentication (2FA) set forth in Regulation (EU) No. 2018/389, better known as Regulatory Technical Standards (RTS) for Strong Customer Authentication and Secure Communications.

The RTS specify that two independent elements are required for authentication, which must come from two different categories: Knowledge (something only the user knows), Possession (something only the user possesses), and Inherence (something the user is). However, if both the banking app and the PushTAN app are installed on the same device, the question arises as to whether these elements are actually independent of each other.

The court’s concerns are clear: If the smartphone is compromised, e.g. by malware, both apps could be affected at the same time, which significantly increases the risk of unauthorized access to the bank account.

The implications of this ruling could be far-reaching. Banks may now be forced to revise their security protocols and encourage users to use separate devices for banking and TAN generation. This new requirement could be especially challenging for those who value the convenience of mobile banking and now need to reevaluate their security practices.

Graduation:

The Heilbronn Regional Court’s ruling is a clear indication that security protocols in online banking need to be critically scrutinized and, if necessary, adapted. Both banks and customers should be prepared to take the necessary steps to ensure a secure online banking experience, even though this may involve some additional effort.

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: AuthenticationEuJudgmentRegulationRiskSmartphone

Weitere spannende Blogposts

Cancellation of online subscriptions must be possible without a password!

Cancellation of online subscriptions must be possible without a password!
8. January 2024

In an exciting ruling, the Regional Court of Munich I decided that it must be possible to cancel online subscriptions...

Read moreDetails

New draft eu ePrivacy Regulation available

neuer entwurf der eprivacy verordnung der eu verfuegbar
31. October 2019

The EU's ePrivacy Regulation was supposed to be adopted together with the GDPR last year, but endless debates continue to...

Read moreDetails

No compensation for scraping incidents on Facebook

OLG Cologne: Blocking/deleting a social media account
28. November 2023

The 4th Civil Senate of the Higher Regional Court of Stuttgart has ruled in two judgments on claims in connection...

Read moreDetails

BGH decides on delisting request against Google

BGH considers Uber Black to be anti-competitive
11. April 2023

The VI. Civil Senate of the Federal Court of Justice, which is responsible for claims under the EU General Data...

Read moreDetails

Is a new Privacy Shield coming in 2023?

Valve + 5 game publishers and violation of geoblocking/antitrust law
2. January 2023

Will the European Commission's new adequacy decision finally promote transatlantic data transfers between the U.S. and the EU? On 13/12/2022,...

Read moreDetails

Employee participation in start-ups: legal structuring options

lawyer is providing information about the client s 2022 10 06 05 57 37 utc
26. September 2024

The participation of employees in the company's success is a key issue for start-ups. From the start-up phase to the...

Read moreDetails

What is “digital property” and how can I benefit from it?

What is “digital property” and how can I benefit from it?
8. December 2022

Attention The term "Digital Property" refers to digital content created or acquired by a person and owned by that person....

Read moreDetails

New OLG rulings on product descriptions in online trade

New OLG rulings on product descriptions in online trade
5. October 2023

Misleading product descriptions: New OLG rulings reveal pitfalls for online retailers Anyone who sells products in online stores naturally wants...

Read moreDetails

The limits of German jurisdiction in B2B claims against US social media services

The limits of German jurisdiction in B2B claims against US social media services
8. January 2024

In an exciting ruling, the Regional Court of Lübeck decided that German courts do not have jurisdiction over contractual disputes...

Read moreDetails
Contractual regulations for no-code/low-code software development
Other

Contractual regulations for no-code/low-code software development

21. May 2025

No-code and low-code platforms enable rapid software development without extensive manual programming. Applications are increasingly being developed on the basis...

Read moreDetails
Erotic content on OnlyFans: Copyright and personality rights protection for creators

Erotic content on OnlyFans: Copyright and personality rights protection for creators

20. May 2025
Goodbye hustle culture? Startup life between 24/7 grind and work-life balance

Goodbye hustle culture? Startup life between 24/7 grind and work-life balance

19. May 2025
Startup buzzwords 2025: Bullshit bingo in marketing German Introduction: Bullshit bingo in marketing German

Startup buzzwords 2025: Bullshit bingo in marketing German Introduction: Bullshit bingo in marketing German

18. May 2025
From the metaverse boom to AI euphoria – a tech lawyer in the hype cycle

From the metaverse boom to AI euphoria – a tech lawyer in the hype cycle

17. May 2025

Podcastfolge

AI in law: opportunities, risks and regulation – the IT Media Law Podcast Episode 3

AI in law: opportunities, risks and regulation – the IT Media Law Podcast Episode 3

24. September 2024

Welcome to the third episode of our podcast "IT Media Law"! In this episode, we delve into the fascinating world...

Read moreDetails
8ffe8f2a4228de20d20238899b3d922e

Web3, blockchain and law – a critical review

26. September 2024
86fe194b0c4a43e7aef2a4773b88c2c4

On the dark side? A lawyer in the field of tension of innovative start-ups

26. September 2024
3c671c5134443338a4e0c30412ac3270

“Digital law decoded” with lawyer Marian Härtel

26. September 2024
052c2ca5ca0421f0316b42073ce61791

Innovative business models – risk and opportunity at the same time

10. September 2024

Video

My transparent billing

My transparent billing

10. February 2025

In this video, I talk a bit about transparent billing and how I communicate what it costs to work with...

Read moreDetails
Fascination between law and technology

Fascination between law and technology

10. February 2025
My two biggest challenges are?

My two biggest challenges are?

10. February 2025
What really makes me happy

What really makes me happy

10. February 2025
What I love about my job!

What I love about my job!

10. February 2025
  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung