Abstract
Credentials information stealing and online banking fraud are common problem in today’s world. Two-factor authentications are used to overcome online banking frauds. But it can be easily broken by fraudster using different phishing techniques and synchronization vulnerabilities. These vulnerabilities weaken the security guarantees of smartphone based on two-factor authentication. Once authentication is broken fraudster has a direct online access of bank account with all access privileges. In this paper, we have attempted to minimize banking fraud by proposing OTM protocol for virtualization of bank account. Virtualization gives indirect and partial online access to bank account at the time of online financial transaction. OTM protocol derives virtual sub-accounts (VSA) from user bank account at the ATM machine using respective credit/debit card. Each virtual sub-account has assigned limit of maximum amount and used only one time for online banking.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Hayashi, E., Dhamija, R., Christin, N., Perrigo, A.: Use your illusion: secure authentication usable anywhere. In: Proceedings of ACM SOUPS (2008)
Divya, R., Muthukumarasamy, S.: An impervious QR-based visual authentication protocols to prevent black-bag cryptanalysis. In IEEE Sponsored 9th International Conference on Intelligent Systems and Control (ISCO) (2015)
Gao, H., Guo, X., Chen, X., Wang, L., Liu, X.: Yagp: yet another graphical password strategy. In: Proceedings of ACM ACSAC, pp. 121–129 (2008)
Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J (1988)
Katz, J., Lindell, Y.: Introduction to Modern Cryptography. CRC Press (2008)
Bureau of Justice Statistics. Identity Theft Supplement (ITS) to the National Crime Victimization Survey
Konoth, R.K., van der Veen, V., Bos, H.: How anywhere computing just killed your phone-based two-factor authentication. In: Financial Crypto (FC) in Bandroid (2016)
White, S.N.: Secure mobile-based financial transactions, Feb 2013, US Patent 8,374,916
Maggi, F., Volpatto, A., Gasparini, S., Boracchi, G., Zanero, S.: Don’t touch a word! a practical input eavesdropping attack against mobile touchscreen devices. Politecnico di Milano, Tech. Rep. TR-2010-59 (2010)
M. Labs.: Android Malware spreads through QR code. Kaspersky Secure List Blog (2011)
Hsu, J.: How google glass can improve atm banking security. Online at google-glass-can-improve-atm-banking-security, Mar 2014, IEEE Spectrum
No Inventor.: Data compression using run length encoding and statistical encoding. US patent US4626829 A publication date DEC 1986
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Sarang, D., Shekokar, N. (2018). A Secured Two-Factor Authentication Protocol for One-Time Money Account. In: Vasudevan, H., Deshmukh, A., Ray, K. (eds) Proceedings of International Conference on Wireless Communication . Lecture Notes on Data Engineering and Communications Technologies, vol 19. Springer, Singapore. https://doi.org/10.1007/978-981-10-8339-6_4
Download citation
DOI: https://doi.org/10.1007/978-981-10-8339-6_4
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-8338-9
Online ISBN: 978-981-10-8339-6
eBook Packages: EngineeringEngineering (R0)