01-01-2011, 02:18 PM
Paper - Template.doc (Size: 307 KB / Downloads: 191)
V.JAYASHREE
M.S (SOFTWARE ENGINEERING)
VIT UNIVERSITY
VELLORE
R. Hema Latha
M.S (SOFTWARE ENGINEERING)
VIT UNIVERSITY
VELLORE
Abstract-
Online Banking allows customers to conduct financial transactions on a secure website operated by their retail or virtual bank, credit union or building society. The proposed method guarantees that authenticating to services, online banking features is secured.
Ref No: Title Conclusion
1 One Time Password System One-time password systems provide additional protection but their use has been limited by cost and inconvenience.
2 Two Factor Authentication Application The user is simply requested to possess a Bluetooth enabled handheld device to enforce authentication based on weak credentials.
3 Security Token For Unified Authentication Authentication scheme based on One-Time Password (OTP) MIDlet running on a mobile phone for unified authentication towards any type of service on the Internet.
4 Online Authentication Protocol Online authentication is to verify identities through cyber networks.
The client accesses the ATM using a Private Key Security Token, which is sent to client’s mobile through a SMS by the Bank’s authentication servers. The key is generated by implementing SHA256 and Base64 Algorithm using the registers IMSI and IMEI number of client’s mobile. SMS based mechanism makes sure that the key reaches only the registered client.
The client is given a PIN and a Master Key when registered to the Online Banking Services. If in case a client’s mobile is lost, authentication is done using Unique Master Key, else the Private Key Token is used there by making transactions secured and simple without the need of carrying any USB Tokens.
The additional functionality provides the client more security on their transactions. Phishing attack by the hackers is avoided.
INTRODUCTION
Protection through single password authentication, as is the case in most secure Internet shopping sites, is not considered secure enough for personal online banking applications. Transactions in online banking differ from general internet shopping transactions. Attacks on online banking deceive the user to steal login data. A weak password is easy to remember, open to potential attacks. It is not secured in many cases and risks are high.
While digital certificates are used against phishing and pharming, attacks lead to an increasing number of phishing websites which duplicates victim’s passwords. The less is the password security relies on human mediation, the more it is secure.
A secured authentication for online banking can be done using two factor authentication techniques. Dynamic Key Token is used for performing the banking operation.