Skip to main content

Secure End-To-End Authentication for Mobile Banking

  • Conference paper
Software Engineering in Intelligent Systems

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 349))

Abstract

The advancement in technology makes Mobile Banking transaction more sophisticated. The OTP SMS is generated by the bank server and is handed over to the client’s mobile subscriber. To avoid any possible attacks like phishing and other attacks, the OTP must be secured. In order to provide reliable and secure mobile transactions without any compromise to convenience, a reliable m-banking authentication scheme that combines the secret PIN with encryption of the one-time password (OTP) has been developed in this paper. The secured OTP while using eZeeMPay salt algorithm seek to give the more secured m-banking transaction. After the encrypted OTP SMS reaches the client’s mobile, the OTP is used again used for decrypting. The plain OTP text should be sent back to the bank will verified at the server to complete the transaction initiated. The combination of OTP with secured OTP provides authentication and security.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Managing the Risk of Mobile Banking Technologies, Bankable Frontier Associates

    Google Scholar 

  2. 3rd Generation Partnership Project. 3GPP TS 23.040 - Technical realization of the Short Message Service (SMS) (September 2004), http://www.3gpp.org/ftp/Specs/html-info/23040.htm

  3. Duo Security. Modern Two-Factor Authentication, http://duosecurity.com

  4. PhoneFactor, Inc. Comparing PhoneFactor to Other SMS Authentication Solutions, http://www.phonefactor.com/sms-authentication

  5. Yang, R.: SMS Text Message Based Authentication. Citrix Developer Network: http://community.citrix.com/display/xa/SMS+Text+Message+Based+Authentication

  6. VISUALtron Software Corporation. 2-Factor Authentication - What is MobileKey? http://www.visualtron.com/products-mobilekey.htm

  7. SMS PASSCODE A/S. Two-factor Authentication, http://www.smspasscode.com/twofactorauthentication

  8. Google Inc. SMS Verification for App Creation, https://developers.google.com/appengine/kb/sms

  9. Google Inc. Verifying your account via SMS or Voice Call, http://support.google.com/mail/bin/answer.py?hl=en&answer=114129

  10. Blizzard Inc. Battle.net SMS Protect FAQ (September 2012), https://us.battle.net/support/en/article/battlenet-sms-protect

  11. http://valerieaurora.org/hash.html

  12. http://md5hashing.net/

  13. https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle

  14. http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf (February 10, 2014)

  15. NIST, “NIST Brief Comments on Recent Cryptanalytic Attacks on Secure Hashing Functions and Continued Security Provided by SHA-1” (August 25, 2004), http://csrc.nist.gov/groups/ST/toolkit/documents/shs/hash_standards_comments.pdf

  16. NIST, “Descriptions of SHA-256, SHA-384, and SHA-512”, http://csrc.nist.gov/groups/STM/cavp/documents/shs/sha256-384-512.pdf

  17. http://www.miniwebtool.com/hash-and-checksum/

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Singh, B., Jasmine, K.S. (2015). Secure End-To-End Authentication for Mobile Banking. In: Silhavy, R., Senkerik, R., Oplatkova, Z., Prokopova, Z., Silhavy, P. (eds) Software Engineering in Intelligent Systems. Advances in Intelligent Systems and Computing, vol 349. Springer, Cham. https://doi.org/10.1007/978-3-319-18473-9_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-18473-9_22

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-18472-2

  • Online ISBN: 978-3-319-18473-9

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics