Skip to main content
SpringerLink
Log in

Mobile Password System for Enhancing Usability-Guaranteed Security in Mobile Phone Banking

  • Conference paper
Web and Communication Technologies and Internet-Related Social Issues - HSI 2005 (HSI 2005)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3597))

Included in the following conference series:

Abstract

To use mobile phone banking, we have to input personal identification number, account password and security card number. When it comes to the time of using wireless public key infrastructure practically, it will be equipped with the four-stage password input system by adding the certificate password. In this paper, we introduce DAS4M(Dynamic Authentication System for Mobile phone user) password system where the password could prevent from being exposed to other people during inputting. To discuss and simulate the validity of the proposed system, we develop a mobile application which is operable on the WIPI mobile platforms. The proposed system enhances the exposure rate of the password compared to the incumbent mobile phone banking password input system up to more than 84 times. Moreover, through the experiment with the usability which has the tradeoff relationship with the password security in terms of input time, error rate and user response, we can observe that it does not make a big difference as a result.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. DaeHo, K. (ed.): Digital Convergence, Communication Books, Seoul (2004)

    Google Scholar 

  2. JiBum, J., HanJu, K.: Survey and analysis of mobile commerce. Weekly Technique Review 1139, ETRI (2004)

    Google Scholar 

  3. MahnYong, L., et al.: Cryptography and Application. Saengrung Publisher, Seoul (2002)

    Google Scholar 

  4. SeungBae, P., MoonSeol, K., SangJun, L.: Authenticated key exchange protocol secure against offline dictionary attack and server compromise. In: Li, M., et al. (eds.) GCC 2003. LNCS, vol. 3032, pp. 924–931. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  5. SeungBae, P., MoonSeol, K., SangJun, L.: User authentication protocol based on human memorable password and using ECC. In: Li, M., et al. (eds.) GCC 2003. LNCS, vol. 3032, pp. 1091–1094. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  6. Halevi, S., Krawczyk, H.: Public-key cryptography and password protocols. ACM Security (CCS 1998), 122–131 (1998)

    Google Scholar 

  7. Jablon, D.: Strong password-only authenticated key exchange. ACM Computer Communication Review, ACM SIGCOMM 26(5), 5–20 (1996)

    Article  Google Scholar 

  8. Bellovin, S.M., Merrit, M.: Augmented encrypted key exchange: Password-based protocol secure against dictionary attack and password file compromise. In: ACM Security (CCS 1993), pp. 244–250 (1993)

    Google Scholar 

  9. Boyko, V., MacKenzie, P.P.S.: Provably secure password-authenticated key exchange using diffie-hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  10. Gong, L.: Optimal authentication protocols resistant to password guessing attacks. In: 8th IEEE Computer Security Foundations Workshop, pp. 24–29 (1995)

    Google Scholar 

  11. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  12. http://www.realuser.com/cgi-bin/ru.exe/_/homepages/index.htm

  13. http://www.domainmart.com/news/NYT_symbols-as-passwods.htm

  14. SeungBae, P., MoonSeol, K., SangJun, L.: New authentication systems. In: Li, M., et al. (eds.) GCC 2003. LNCS, vol. 3032, pp. 1095–1098. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  15. WIPI Specification, http://www.kwisforum.org

  16. SangJun, L.: A mobile application of client-side personalization based on WIPI platform. In: Zhang, J., He, J.-H., Fu, Y. (eds.) CIS 2004. LNCS, vol. 3314, pp. 903–909. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  17. Ktf WIPI Emulator, http://wipidev.magicn.com/

Download references

Author information

Authors and Affiliations

  1. Department of Internet Information Communication, Shingyeong University, 1485 Namyang-dong, Hwaseong-si, Gyeonggi-do, Korea

    SangJun Lee

  2. Department of Computer Science, Chodang University, 419 SungnamLi, MuanEup, MuanGun, JeonlanamDo, Korea

    SeungBae Park

Authors
  1. SangJun Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. SeungBae Park
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Osaka University, Cybermedia Center, 5-1 Mihogaoka, Ibaraki, 567-0047, Osaka, Japan

    Shinji Shimojo

  2. Graduate School of Mathematical Sciences, University of Tokyo, 3-8-1 Komaba, Meguro-ku, 153-8914, Tokyo, Japan

    Shingo Ichii

  3. School of Computing, National University of Singapore,  

    Tok-Wang Ling

  4. National Internet Development Agency of Korea, 3F, 1321-11 Secho-2 Dong, Secho-Gu, 135-875, Seoul, Korea

    Kwan-Ho Song

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lee, S., Park, S. (2005). Mobile Password System for Enhancing Usability-Guaranteed Security in Mobile Phone Banking. In: Shimojo, S., Ichii, S., Ling, TW., Song, KH. (eds) Web and Communication Technologies and Internet-Related Social Issues - HSI 2005. HSI 2005. Lecture Notes in Computer Science, vol 3597. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11527725_8

Download citation

  • DOI: https://doi.org/10.1007/11527725_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-27830-6

  • Online ISBN: 978-3-540-31808-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation