photoTAN – what is it? Explained in simple and understandable terms

by Mike

Many banks offer the photoTAN procedure for online banking, but many customers do not know what it entails. In this practical tip, we explain what it actually is and how the procedure works exactly.

What exactly is photoTAN?

The photoTAN procedure is one of the more modern and comparatively secure methods for confirming online banking transactions. Instead of a text message (SMS TAN) or a separate hardware token, the bank displays a special colored mosaic code, which you scan with your bank's app or with a dedicated reader.

  1. To use photoTAN, you need either your bank's photoTAN app on a smartphone or a dedicated photoTAN reader (for customers without a smartphone). The app or reader is set up once with your bank, which ties it to your account.
  2. When you enter a transfer on your computer, select photoTAN as the method for confirming it.
  3. The online banking page now shows a colored image code similar to a QR code. Scan it with the app or the reader: the device decodes the code and displays the TAN together with the transaction details it contains.
  4. Enter that TAN on your computer to authorize the transfer.

How secure is photoTAN?

With photoTAN, you use two devices for a transfer: the computer on which you enter it and the smartphone or reader on which you confirm it. An attacker who controls only one of the two cannot authorize a transfer on their own, which is what makes the procedure stronger than entering everything on a single device.

  • Stiftung Warentest rated its security as "high" in its banking test and, when a dedicated reader is used, even as "very high."
  • Using a smartphone carries a residual risk: if the phone is infected with malware, an attacker may be able to manipulate the banking app and obtain TANs for transfers of their own. The two-device separation also only holds if you do not run online banking and the photoTAN app on the same phone.
  • To reduce this risk, use a dedicated reader and always check the data it shows you. Next to the TAN, the app or reader lists the transaction details decoded from the code, in particular the recipient account and the amount. Confirm only if they match what you entered; if they differ, something between your browser and the bank has altered the order.

How photoTAN works technically

Behind the colorful mosaic of photoTAN lies a cryptographic protocol.

  • When you submit a transaction in online banking, your bank generates a code for your enrolled app or reader and displays it as a colored mosaic image. The mosaic carries the transaction data, for example the recipient, the amount, and the account number, in encrypted form, so it can only be read by the device it was generated for.
  • The photoTAN app or the reader scans this code with its camera and decrypts it locally, using the key that was set up during activation. It shows you the decoded transaction data; only then does it compute a TAN (transaction number) for exactly this transaction, which you type into online banking or confirm directly in the app.
  • Because the TAN is valid for only one transaction and the key is individual to your app or reader, a TAN that is phished or intercepted is useless for any other transfer, which is why photoTAN is considered particularly resistant to phishing and malware. Malware that changes the recipient on your computer is caught only if you compare the details shown on the second device with what you intended, so that check is part of the procedure, not an optional extra.
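The exchange described in the numbered steps above and in these three points, as an added example that is not part of the original article and not the real photoTAN implementation (whose code format and crypto are proprietary): a simplified Python model in which the bank encrypts and authenticates the transaction data for one enrolled device, the device decodes it, shows the data and derives a single-use TAN bound to exactly that data. The class and method names, the toy hash-counter keystream standing in for a real cipher, HMAC-SHA256, the six-digit TAN and the IBANs and amounts are all assumptions made for this demo.

```python
"""Simplified model of a transaction-bound visual TAN (added example, not photoTAN itself)."""
from __future__ import annotations

import base64
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Transaction:
    recipient_iban: str
    amount_cents: int
    reference: str

    def canonical(self) -> bytes:
        # Fixed field order so bank and device MAC exactly the same bytes.
        return json.dumps(
            {"iban": self.recipient_iban, "amount": self.amount_cents, "ref": self.reference},
            sort_keys=True, separators=(",", ":"),
        ).encode()

    @classmethod
    def from_canonical(cls, raw: bytes) -> Transaction:
        d = json.loads(raw)
        return cls(d["iban"], d["amount"], d["ref"])


def _subkey(master: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC keys derived from the per-device master key.
    return hmac.new(master, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy hash-counter keystream (assumption for the demo; a real system uses a proper cipher).
    out, ctr = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _tan_for(mac_key: bytes, nonce: bytes, tx: Transaction) -> str:
    # The TAN is a truncated MAC over the per-code nonce AND the transaction data:
    # that is what binds it to exactly this transfer on exactly this device.
    digest = hmac.new(mac_key, b"tan" + nonce + tx.canonical(), hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 1_000_000:06d}"


class Bank:
    def __init__(self) -> None:
        self._device_keys: dict[str, bytes] = {}          # device id -> master key
        self._pending: dict[bytes, tuple[str, Transaction]] = {}  # nonce -> awaiting TAN

    def activate_device(self, device_id: str) -> bytes:
        # In reality the key is established during one-time activation (letter / activation code).
        key = secrets.token_bytes(32)
        self._device_keys[device_id] = key
        return key

    def issue_code(self, device_id: str, tx: Transaction) -> str:
        """Build the code the mosaic image would carry: nonce || ciphertext || tag."""
        key = self._device_keys[device_id]
        nonce = secrets.token_bytes(16)
        pt = tx.canonical()
        ct = _xor(pt, _keystream(_subkey(key, b"enc"), nonce, len(pt)))
        tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
        self._pending[nonce] = (device_id, tx)
        return base64.b64encode(nonce + ct + tag).decode()

    def verify_tan(self, code: str, tan: str) -> bool:
        nonce = base64.b64decode(code)[:16]
        entry = self._pending.pop(nonce, None)  # single use: gone after the first attempt
        if entry is None:
            return False
        device_id, tx = entry
        expected = _tan_for(_subkey(self._device_keys[device_id], b"mac"), nonce, tx)
        return hmac.compare_digest(expected, tan)


class Device:
    """The photoTAN app or reader: holds the key, decodes the code, shows the data."""

    def __init__(self, key: bytes) -> None:
        self._enc_key = _subkey(key, b"enc")
        self._mac_key = _subkey(key, b"mac")

    def scan(self, code: str) -> tuple[Transaction, str]:
        raw = base64.b64decode(code)
        nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
        expected = hmac.new(self._mac_key, nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            raise ValueError("code was not issued for this device")
        tx = Transaction.from_canonical(_xor(ct, _keystream(self._enc_key, nonce, len(ct))))
        # The app must display tx to the user before the TAN is used: this is the check.
        return tx, _tan_for(self._mac_key, nonce, tx)


def demo() -> dict:
    bank = Bank()
    device = Device(bank.activate_device("phone-1"))
    intended = Transaction("DE02120300000000202051", 12_000, "rent")  # constructed sample

    # 1. Honest flow: user sees the right data, enters the TAN; a replay of the code fails.
    code = bank.issue_code("phone-1", intended)
    shown, tan = device.scan(code)
    honest_ok = shown == intended and bank.verify_tan(code, tan)
    replay_ok = bank.verify_tan(code, tan)

    # 2. Malware on the PC swaps the recipient before the order reaches the bank.
    #    The second device shows the attacker's IBAN, so an attentive user can refuse.
    tampered = Transaction("DE89370400440532013000", 12_000, "rent")
    code2 = bank.issue_code("phone-1", tampered)
    shown2, _ = device.scan(code2)
    user_sees_wrong_iban = shown2.recipient_iban != intended.recipient_iban
    #    A TAN an attacker holds for different transaction data does not authorize this order.
    nonce2 = base64.b64decode(code2)[:16]
    cross_ok = bank.verify_tan(code2, _tan_for(device._mac_key, nonce2, intended))

    # 3. A code generated for another customer's device is rejected outright.
    other = Device(bank.activate_device("phone-2"))
    try:
        other.scan(bank.issue_code("phone-1", intended))
        foreign_rejected = False
    except ValueError:
        foreign_rejected = True

    return {"honest_ok": honest_ok, "replay_ok": replay_ok,
            "user_sees_wrong_iban": user_sees_wrong_iban,
            "cross_ok": cross_ok, "foreign_rejected": foreign_rejected}


if __name__ == "__main__":
    print(demo())
```

Scenario 2 is the one the advice in the previous section is about: the cryptography cannot tell an intended recipient from a swapped one, because the bank only ever sees the order the malware sent. The model makes the decoded data available before the TAN is returned precisely so that the user's comparison happens first.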
