Event Reconstruction of Indonesian E-Banking Services on Windows Phone Devices

  • Niken Dwi Wahyu Cahyani
  • Ben Martini
  • Kim-Kwang Raymond Choo
  • Helen Ashman
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 255)


In this paper, a digital investigation of electronic (e)-banking services on the Windows Phone platform of nine Indonesian banks is undertaken. In the experiments, banking transactions (balance check, funds transfer and phone credit purchase) are performed using a Nokia Lumia 625. The digital evidence resulting from these transactions is acquired and analyzed using mobile forensic tools from Cellebrite and Micro Systemation AB. In order to reconstruct the transaction events, evidence objects are identified and related events are sequenced. Specifically, the findings relating to mobile banking activities identify eight digital evidence objects (SMS, email, call log, contact, media file, network packets, location and installed apps), and a physical object (account book - obtained from a physical investigation). Investigation questions of who, what, when and how are answered from the acquired evidence and the event sequence diagrams. The findings contribute to a better understanding of available mobile banking evidence on Windows Phone devices.


Forensic science Digital forensics Investigative techniques Event reconstruction Windows phone forensics Digital evidence E-banking Indonesian banks 


  1. 1.
    Understanding Worldwide Attitudes, Behaviours and Trends in Mobile Content and Commerce.
  2. 2.
  3. 3.
    Carrier, B.D., Spafford, E.H.: Defining event reconstruction of digital crime scenes. J. Forensic Sci. 49(6), 1291–1297 (2004)CrossRefGoogle Scholar
  4. 4.
    Johnson, C.: Failure in Safety-Critical Systems: A Handbook of Incident and Accident Reporting. Glasgow University Press, Scotland (2003)Google Scholar
  5. 5.
    Jung, J.-H., Kim, J.Y., Lee, H.-C., Yi, J.H.: Repackaging attack on Android banking applications and its countermeasures. Wirel. Pers. Commun. 73(4), 1421–1437 (2013)CrossRefGoogle Scholar
  6. 6.
    Chanajitt, R., Viriyasitavat, W., Choo, K.-K.R.: Forensic analysis and security assessment of Android m-banking apps. Aust. J. Forensic Sci. 1–17 (2016)Google Scholar
  7. 7.
    Barmpatsalou, K., Damopoulos, D., Kambourakis, G., Katos, V.: A critical review of 7 years of mobile device forensics. Digit. Invest. 10(4), 323–349 (2013)CrossRefGoogle Scholar
  8. 8.
    Cahyani, N.D.W., Martini, B., Choo, K.-K.R., Al-Azhar, M.N.: Forensic data acquisition from cloud-of-things devices: Windows smartphones as a case study. Concurr. Comput. 29(14), 1–16 (2017)CrossRefGoogle Scholar
  9. 9.
    Cahyani, N.D.W., Ab Rahman, N.H., Glisson, W.B., Choo, K.-K.R.: The role of mobile forensics in terrorism investigations involving the use of cloud storage service and communication apps. Mobile Netw. Appl. 22(2), 240–254 (2017)CrossRefGoogle Scholar
  10. 10.
    Carrier, B., Spafford, E.H.: Getting physical with the digital investigation process. Int. J. Digit. Evid. 2(2), 1–20 (2003)Google Scholar
  11. 11.
    Weir, C.S., Douglas, G., Richardson, T., Jack, M.: Usable security: user preferences for authentication methods in eBanking and the effects of experience. Interact. Comput. 22(3), 153–164 (2010)CrossRefGoogle Scholar
  12. 12.
    Gunson, N., Marshall, D., Morton, H., Jack, M.: User perceptions of security and usability of single-factor and two-factor authentication in automated telephone banking. Comput. Secur. 30(4), 208–220 (2011)CrossRefGoogle Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018

Authors and Affiliations

  • Niken Dwi Wahyu Cahyani
    • 1
    • 3
  • Ben Martini
    • 1
  • Kim-Kwang Raymond Choo
    • 1
    • 2
  • Helen Ashman
    • 1
  1. 1.School of Information Technology and Mathematical SciencesUniversity of South AustraliaAdelaideAustralia
  2. 2.Department of Information Systems and Cyber SecurityThe University of Texas at San AntonioSan AntonioUSA
  3. 3.Department of InformaticsTelkom UniversityBandungIndonesia

Personalised recommendations