⁷The ChCaptcha1 e-banking system also supports user certificate stored in a USB-key. In case the user is possessing such a USB-key, she needs to connect her USB-key to the computer so that the transaction data will be signed. Such a mechanism does not enhance security against MitM attacks since the USB-key can be spoofed to sign the manipulated transaction.