Abstract
Current mobile banking protocols simply are not as well guarded as their Internet counterparts during the transactions between a mobile device and a financial institution. Recently, many mobile banking protocols using public-key cryptography have been proposed. However, they are designed to provide a basic protection for traditional flow of payment data as they only rely on basic identification and verification mechanisms, which is vulnerable to attack and increase the user’s risk. In this paper we propose a new secure mobile banking protocol that provides strong authentication mechanisms. These mechanisms rely on highly usable advanced multifactor authentication technologies i.e. (biometrics and smart cards). The proposed mobile banking protocol not only achieves a completely secure protection for the involved parties and their financial transactions but also minimizes the computational operations and the communication passes between them. An analysis and a proof of the proposed protocol security properties will be provided within this paper.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Maximov, A., Johansson, T., Babbage, S.: An improved correlation attack on A5/1. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 1–18. Springer, Heidelberg (2004)
Ahmadian, Z., Salimi, S., Salahi, A.: New attacks on UMTS network access. In: Conference on Wireless Telecommunications Symposium, pp. 291–296 (2009)
Arabo, A.: Secure Cash Withdrawal through Mobile Phone/Device. In: International Conference on Computer and Communication Engineering, pp. 818–822 (2008)
Narendiran, C., Rabara, S.A., Rajendran, N.: Performance evaluation on end-to-end security architecture for mobile banking system. In: 1st IFIP Wireless Days, pp. 1–5 (2008)
Espelid, Y., Netland, L.–H., Klingsheim, A.N., Hole, K.J.: A proof of concept attack against norwegian internet banking systems. In: Tsudik, G. (ed.) FC 2008. LNCS, vol. 5143, pp. 197–201. Springer, Heidelberg (2008)
Syverson, P., Cervesato, I.: The logic of authentication protocols. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 63–136. Springer, Heidelberg (2001)
Syverson, P.: A Taxonomy of Replay Attacks. In: 7th IEEE Computer Security Foundations Workshop, pp. 187–191 (1994)
Murdoch, S.J., Drimer, S., Anderson, R., Bond, M.: Chip and PIN is Broken. In: IEEE Symposium on Security and Privacy, pp. 433–446 (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ngo, H.H., Dandash, O., Le, P.D., Srinivasan, B., Wilson, C. (2011). Formal Verification of a Secure Mobile Banking Protocol. In: Meghanathan, N., Kaushik, B.K., Nagamalai, D. (eds) Advances in Networks and Communications. CCSIT 2011. Communications in Computer and Information Science, vol 132. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17878-8_42
Download citation
DOI: https://doi.org/10.1007/978-3-642-17878-8_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17877-1
Online ISBN: 978-3-642-17878-8
eBook Packages: Computer ScienceComputer Science (R0)