{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,13]],"date-time":"2026-02-13T23:28:56Z","timestamp":1771025336192,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642392344","type":"print"},{"value":"9783642392351","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-39235-1_9","type":"book-chapter","created":{"date-parts":[[2013,7,13]],"date-time":"2013-07-13T00:07:36Z","timestamp":1373674056000},"page":"150-159","source":"Crossref","is-referenced-by-count":53,"title":["SMS-Based One-Time Passwords: Attacks and Defense"],"prefix":"10.1007","author":[{"given":"Collin","family":"Mulliner","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ravishankar","family":"Borgaonkar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Patrick","family":"Stewin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jean-Pierre","family":"Seifert","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"9_CR1","unstructured":"3rd Generation Partnership Project: 3GPP TS 23.040 - Technical realization of the Short Message Service (SMS) (September 2004), \n \n http:\/\/www.3gpp.org\/ftp\/Specs\/html-info\/23040.html"},{"key":"9_CR2","unstructured":"Apple Inc.: IOS Developer Library: Cryptographic Services (July 2012), \n \n http:\/\/developer.apple.com\/library\/ios\/documentation\/Security\/Conceptual\/Security\/Overview\/CryptographicServices\/CryptographicServices.html"},{"key":"9_CR3","unstructured":"Apvrille, A.: Zeus In The Mobile (Zitmo): Online Banking\u2019s Two Factor Authentication Defeated (September 2010), \n \n http:\/\/blog.fortinet.com\/zeus-in-the-mobile-zitmo-online-bankings-two-factor-authentication-defeated\/"},{"key":"9_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11693383_1","volume-title":"Selected Areas in Cryptography","author":"E. Barkan","year":"2006","unstructured":"Barkan, E., Biham, E.: Conditional estimators: An effective attack on A5\/1. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol.\u00a03897, pp. 1\u201319. Springer, Heidelberg (2006)"},{"key":"9_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-44706-7_1","volume-title":"Fast Software Encryption","author":"A. Biryukov","year":"2001","unstructured":"Biryukov, A., Shamir, A., Wagner, D.: Real time cryptanalysis of A5\/1 on a PC. In: Schneier, B. (ed.) FSE 2000. LNCS, vol.\u00a01978, pp. 1\u201318. Springer, Heidelberg (2001)"},{"key":"9_CR6","doi-asserted-by":"crossref","unstructured":"Bonneau, J., Herley, C., von Oorschot, P.C., Stajano, F.: The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes. In: Proceedings of the IEEE Symposium on Security and Privacy (2012)","DOI":"10.1109\/SP.2012.44"},{"key":"9_CR7","unstructured":"GSMK Cryptophone: Questions about the Interception of GSM Calls (2012), \n \n http:\/\/www.cryptophone.de\/en\/support\/faq\/questions-about-the-interception-of-gsm-calls\/"},{"key":"9_CR8","unstructured":"Duo Security: Modern Two-Factor Authentication, \n \n http:\/\/duosecurity.com"},{"key":"9_CR9","unstructured":"F-Secure: Threat Description: Trojan:Android\/Crusewind.A (2011), \n \n http:\/\/www.f-secure.com\/v-descs\/trojan_android_crusewind_a.shtml"},{"key":"9_CR10","unstructured":"Fisher, D.: Zeus Comes to the BlackBerry (August 2012), \n \n http:\/\/threatpost.com\/en_us\/blogs\/zeus-comes-blackberry-080712"},{"key":"9_CR11","unstructured":"Gold, N., Redon, K., Borgaonkar, R.: Weaponizing femtocells: The effect of rogue devices on mobile telecommunication. In: Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS) (February 2012)"},{"key":"9_CR12","unstructured":"Google Inc.: Data Storage | Android Developers, \n \n http:\/\/developer.android.com\/guide\/topics\/data\/data-storage.html#filesInternal"},{"key":"9_CR13","unstructured":"Google Inc.: Verifying your account via SMS or Voice Call, \n \n http:\/\/support.google.com\/mail\/bin\/answer.py?hl=en&answer=114129"},{"key":"9_CR14","unstructured":"icici Bank: What is SIM-Swap fraud?, \n \n http:\/\/www.icicibank.com\/online-safe-banking\/simswap.html"},{"key":"9_CR15","unstructured":"Klein, A.: The Song Remains the Same: Man in the Mobile Attacks Single out Android (July 2012), \n \n http:\/\/www.trusteer.com\/blog\/song-remains-same-man-mobile-attacks-single-out-android"},{"key":"9_CR16","unstructured":"Koot, L.: Security of mobile TAN an smartphones. Master\u2019s thesis, Radboud University Nijmegen (February 2012)"},{"key":"9_CR17","unstructured":"Maslennikov, D.: ZeuS in the Mobile is back (February 2011), \n \n http:\/\/www.securelist.com\/en\/blog\/11169\/Zeus_in_the_Mobile_is_back"},{"key":"9_CR18","unstructured":"Microsoft Coperation: Windows Phone 7 Security Model (December 2010), \n \n http:\/\/download.microsoft.com\/download\/9\/3\/5\/93565816-AD4E-4448-B49B-457D07ABB991\/WindowsPhone7SecurityModel_FINAL_122010.pdf"},{"key":"9_CR19","unstructured":"Muttik, I.: Securing Mobile Devices:Present and Future (December 2011), \n \n http:\/\/www.mcafee.com\/us\/resources\/reports\/rp-securing-mobile-devices.pdf"},{"key":"9_CR20","unstructured":"Nohl, K., Pudget, C.: GSM: SRSLY? (2009), \n \n http:\/\/events.ccc.de\/congress\/2009\/Fahrplan\/events\/3654.en.html"},{"key":"9_CR21","unstructured":"PhoneFactor, Inc.: Comparing PhoneFactor to Other SMS Authentication Solutions, \n \n http:\/\/www.phonefactor.com\/sms-authentication"},{"key":"9_CR22","doi-asserted-by":"crossref","unstructured":"Felt, A.P., Finifter, M., Chin, E., Hanna, S., Wagner, D.: A Survey of Mobile Malware in the Wild. In: Proceedings of the ACM Workshop on Security and Privacy in Mobile Devices, SPSM (2011)","DOI":"10.1145\/2046614.2046618"},{"key":"9_CR23","unstructured":"Felt, A.P., Greenwood, K., Wagner, D.: The Effectiveness of Application Permissions. In: USENIX Conference on Web Application Development (2011)"},{"key":"9_CR24","unstructured":"SMS PASSCODE A\/S: Two-factor Authentication, \n \n http:\/\/www.smspasscode.com\/twofactorauthentication"},{"key":"9_CR25","unstructured":"TrustGo Mobile Inc.: MMarketPay.A (2012), \n \n http:\/\/blog.trustgo.com\/mmarketpay-a-new-android-malware-found-in-the-wild-2\/"},{"key":"9_CR26","unstructured":"VISUALtron Software Corporation. 2-Factor Authentication - What is MobileKey?, \n \n http:\/\/www.visualtron.com\/products_mobilekey.html"},{"key":"9_CR27","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Jiang, X.: Dissecting Android Malware: Characterization and Evolution. In: 33rd IEEE Symposium on Security and Privacy (May 2012)","DOI":"10.1109\/SP.2012.16"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-39235-1_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,16]],"date-time":"2019-05-16T01:41:29Z","timestamp":1557970889000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-39235-1_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642392344","9783642392351"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-39235-1_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013]]}}}