Abstract
The advancement in technology makes Mobile Banking transaction more sophisticated. The OTP SMS is generated by the bank server and is handed over to the client’s mobile subscriber. To avoid any possible attacks like phishing and other attacks, the OTP must be secured. In order to provide reliable and secure mobile transactions without any compromise to convenience, a reliable m-banking authentication scheme that combines the secret PIN with encryption of the one-time password (OTP) has been developed in this paper. The secured OTP while using eZeeMPay salt algorithm seek to give the more secured m-banking transaction. After the encrypted OTP SMS reaches the client’s mobile, the OTP is used again used for decrypting. The plain OTP text should be sent back to the bank will verified at the server to complete the transaction initiated. The combination of OTP with secured OTP provides authentication and security.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Managing the Risk of Mobile Banking Technologies, Bankable Frontier Associates
3rd Generation Partnership Project. 3GPP TS 23.040 - Technical realization of the Short Message Service (SMS) (September 2004), http://www.3gpp.org/ftp/Specs/html-info/23040.htm
Duo Security. Modern Two-Factor Authentication, http://duosecurity.com
PhoneFactor, Inc. Comparing PhoneFactor to Other SMS Authentication Solutions, http://www.phonefactor.com/sms-authentication
Yang, R.: SMS Text Message Based Authentication. Citrix Developer Network: http://community.citrix.com/display/xa/SMS+Text+Message+Based+Authentication
VISUALtron Software Corporation. 2-Factor Authentication - What is MobileKey? http://www.visualtron.com/products-mobilekey.htm
SMS PASSCODE A/S. Two-factor Authentication, http://www.smspasscode.com/twofactorauthentication
Google Inc. SMS Verification for App Creation, https://developers.google.com/appengine/kb/sms
Google Inc. Verifying your account via SMS or Voice Call, http://support.google.com/mail/bin/answer.py?hl=en&answer=114129
Blizzard Inc. Battle.net SMS Protect FAQ (September 2012), https://us.battle.net/support/en/article/battlenet-sms-protect
http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf (February 10, 2014)
NIST, “NIST Brief Comments on Recent Cryptanalytic Attacks on Secure Hashing Functions and Continued Security Provided by SHA-1” (August 25, 2004), http://csrc.nist.gov/groups/ST/toolkit/documents/shs/hash_standards_comments.pdf
NIST, “Descriptions of SHA-256, SHA-384, and SHA-512”, http://csrc.nist.gov/groups/STM/cavp/documents/shs/sha256-384-512.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Singh, B., Jasmine, K.S. (2015). Secure End-To-End Authentication for Mobile Banking. In: Silhavy, R., Senkerik, R., Oplatkova, Z., Prokopova, Z., Silhavy, P. (eds) Software Engineering in Intelligent Systems. Advances in Intelligent Systems and Computing, vol 349. Springer, Cham. https://doi.org/10.1007/978-3-319-18473-9_22
Download citation
DOI: https://doi.org/10.1007/978-3-319-18473-9_22
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-18472-2
Online ISBN: 978-3-319-18473-9
eBook Packages: EngineeringEngineering (R0)