Abstract
This paper presents the implementation of a home banking solution for mobile phones, using a secure microSD card. This card is used to implement strong online authentication with the bank server, based on a public key infrastructure, providing a flexible way to add entities – users as well as banks – to the ecosystem. The implemented system runs on Android mobile phones, taking into account the possible weaknesses at operating system level. The microSD card runs Java Card 2.2.1. Different security features are discussed that considerably improve upon existing mobile banking systems and allow for seamless integration of our system in the current smartphone context.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Van Damme, G., Luyckx, N., Wouters, K. (2012). A PKI-Based Mobile Banking Demonstrator. In: Petkova-Nikova, S., Pashalidis, A., Pernul, G. (eds) Public Key Infrastructures, Services and Applications. EuroPKI 2011. Lecture Notes in Computer Science, vol 7163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29804-2_10
DOI: https://doi.org/10.1007/978-3-642-29804-2_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29803-5
Online ISBN: 978-3-642-29804-2
eBook Packages: Computer Science, Computer Science (R0)
