A Secure and Reliable Mobile Banking Framework
In this paper we propose a secure mobile banking framework which ensures reliable end to end communication channel and end to end application security from the UICC to the Remote Bank Server via Mobile Equipment. SSL/TLS ensures secure connection from the UICC to the Remote Bank Server, TCP provides end to end reliable communication and Bearer Independent Protocol (BIP) provides and manages the link layer in achieving end to end reliable communications between the UICC and the Remote Bank Server. All the digital signatures are generated in a tamper proof hardware i.e. UICC at the client side and Hardware Security Module at the Bank side. So all the signatures generated in the framework are qualified signatures. Bank server is supported by Communication Manager, Synchronization Manager, Security Manager, Concurrency Manager, Backup Manager, Archives Manager and Error and Exception Handling Manager in order to ensure end to end security at the communication layer and at the application layer.
KeywordsMobile Banking (MB) UICC Bearer Independent Protocol (BIP) SSL/ TLS TCP
Unable to display preview. Download preview PDF.
- 1.Wu, H., Li, X., Dai, W., Zhao, W.: Mobile Payment Framework Based on 3G Network. In: Proceedings of the Third International Symposium on Electronic Commerce and Security Workshops(ISECS 2010), Guangzhou, P. R. China, July 29-31, pp. 172–175 (2010)Google Scholar
- 3.Narendiran, C.: A new approach on secure mobile banking using public key infrastructure. International Journal of Computing Technology and Information Security 1(1), 40–46 (2011)Google Scholar
- 4.Zhu, Y., Rice, J.E.: A Lightweight Architecture for Secure Two-Party Mobile Payment. Computational Science and Engineering 2, 326–333 (2009)Google Scholar
- 5.Wei, L., Chenglin, Z., Wei, Z., Zheng, Z.: The GPRS Mobile Payment System Based on RFID. Comminication Technology, 1–4 (2006)Google Scholar
- 6.Manvi, S.S., Bhajantri, L.B., Vijayakumar, M.A.: Secure Mobile Payment System in Wireless Environment payment system. In: Proceedings of the Second International Conference on Mobile Technology, Applications and Systems, pp. 113–119 (2005)Google Scholar
- 7.Muhammad, S., Furqan, Z., Guha, R.K.: Understanding the intruder through attacks on cryptographic protocols. In: Proceedings of the 44th ACM Southeast Conference (ACMSE 2006), pp. 667–672 (March 2006)Google Scholar
- 8.Kumar, S.B.R., Raj, A.A.G., Rabara, S.A.: A framework for mobile payment consortia system. Computer Science and Software Engineering 2, 43–47 (2008)Google Scholar
- 9.Ahamad, S.S., Sastry, V.N., Udgata, S.K.: Secure Mobile Payment Framework based on UICC with Formal Verification. Special Issue on ‘Future Trends in Security Issues in Internet and Web Applications’ Int. J. Computational Science and Engineering (accepted) (in press)Google Scholar
- 10.Ahamad, S.S., Sastry, V.N., Udgata, S.K.: A secure and optimized mobile payment framework with formal verification. In: SECURIT 2012, pp. 27–35 (2012)Google Scholar