Secured Authentication for Online banking using Mobile Phones
#1



[attachment=7853]

V.JAYASHREE
M.S (SOFTWARE ENGINEERING)
VIT UNIVERSITY
VELLORE

R. Hema Latha
M.S (SOFTWARE ENGINEERING)
VIT UNIVERSITY
VELLORE



Abstract-
Online Banking allows customers to conduct financial transactions on a secure website operated by their retail or virtual bank, credit union or building society. The proposed method guarantees that authenticating to services, online banking features is secured.
Ref No: Title Conclusion
1 One Time Password System One-time password systems provide additional protection but their use has been limited by cost and inconvenience.

2 Two Factor Authentication Application The user is simply requested to possess a Bluetooth enabled handheld device to enforce authentication based on weak credentials.
3 Security Token For Unified Authentication Authentication scheme based on One-Time Password (OTP) MIDlet running on a mobile phone for unified authentication towards any type of service on the Internet.

4 Online Authentication Protocol Online authentication is to verify identities through cyber networks.
The client accesses the ATM using a Private Key Security Token, which is sent to client’s mobile through a SMS by the Bank’s authentication servers. The key is generated by implementing SHA256 and Base64 Algorithm using the registers IMSI and IMEI number of client’s mobile. SMS based mechanism makes sure that the key reaches only the registered client.
The client is given a PIN and a Master Key when registered to the Online Banking Services. If in case a client’s mobile is lost, authentication is done using Unique Master Key, else the Private Key Token is used there by making transactions secured and simple without the need of carrying any USB Tokens.
The additional functionality provides the client more security on their transactions. Phishing attack by the hackers is avoided.


INTRODUCTION
Protection through single password authentication, as is the case in most secure Internet shopping sites, is not considered secure enough for personal online banking applications. Transactions in online banking differ from general internet shopping transactions. Attacks on online banking deceive the user to steal login data. A weak password is easy to remember, open to potential attacks. It is not secured in many cases and risks are high.

While digital certificates are used against phishing and pharming, attacks lead to an increasing number of phishing websites which duplicates victim’s passwords. The less is the password security relies on human mediation, the more it is secure.
A secured authentication for online banking can be done using two factor authentication techniques. Dynamic Key Token is used for performing the banking operation.




Reply
#2
[attachment=14594]
Chapter 1
INTRODUCTION

Today security concerns are on the rise in all areas such as banks, governmental
applications, healthcare industry, military organization, educational institutions, etc.
Member institutions of Online Banking Association rated Security as the most important issue of online banking. New survey finds 31 percent of bank customers avoid online transactions because of security reason. The proposed methodology guarantees authentication to online banking service in a secured manner.
Clients perform transactions on a secure website operated by their bank.Transactions in online banking differ from general internet shopping transactions. Attacks on online banking deceive the user to steal the login data. A weak password is easy to remember, but open to potential attacks. It is not secured in many cases and therefore
risks are high.
While digital certificates are used against phishing and pharming, attacks lead to an increasing number of phishing websites which duplicates victim’s passwords. The less the password security relies on human mediation, the more it is secure. Dynamic Key Token is used for performing the banking operation.
CHAPTER 2
ONLINE BANKING

Online banking (or Internet banking) allows customers to conduct financial transactions on a secure website operated by their retail or virtual bank, credit union or building society.
Online banking solutions have many features and capabilities in common, but traditionally also have some that are application specific.
2.1 FEATURES:
The common features fall broadly into several categories
• Transactional (e.g., performing a financial transaction such as an account to account transfer, paying a bill, wire transfer, apply for a loan, new account, etc.)
o Payments to third parties, including bill payments and telegraphic/wire transfers
o Funds transfers between a customer's own transactional account and savings accounts
o Investment purchase or sale
o Loan applications and transactions, such as repayments of enrollments
• Non-transactional (e.g., online statements, cheque links, cobrowsing, chat)
o Viewing recent transactions
o Downloading bank statements, for example in PDF format
o Viewing images of paid cheques
• Financial Institution Administration
• Management of multiple users having varying levels of authority
• Transaction approval process
Features commonly unique to Internet banking include
• Personal financial management support, such as importing data into personal accounting software. Some online banking platforms support account aggregation to allow the customers to monitor all of their accounts in one place whether they are with their main bank or with other institutions.
2.2 SECURITY:
Fig 2.2 Security token devices
Protection through single password authentication, as is the case in most secure Internet shopping sites, is not considered secure enough for personal online banking applications in some countries. Basically there exist two different security methods for online banking.
• The PIN/TAN system where the PIN represents a password, used for the login and TANs representing one-time passwords to authenticate transactions. TANs can be distributed in different ways, the most popular one is to send a list of TANs to the online banking user by postal letter. The most secure way of using TANs is to generate them by need using a security token.
• These token generated TANs depend on the time and a unique secret, stored in the security token (this is called two-factor authentication or 2FA). Usually online banking with PIN/TAN is done via a web browser using SSL secured connections, so that there is no additional encryption needed.
• Signature based online banking where all transactions are signed and encrypted digitally. The Keys for the signature generation and encryption can be stored on smartcards or any memory medium, depending on the concrete implementation.
2.3 ATTACKS:
Most of the attacks on online banking used today are based on deceiving the user to steal login data and valid TANs. Two well known examples for those attacks are phishing and pharming. Cross-site scripting and keylogger/Trojan horses can also be used to steal login information.
A method to attack signature based online banking methods is to manipulate the used software in a way, that correct transactions are shown on the screen and faked transactions are signed in the background.
The most recent kind of attack is the so-called Man in the Browser attack, where a Trojan horses permits a remote attacker to modify the destination account number and also the amount.
Reply
#3
i want more docs on this topic
Reply
#4
To get more information about the topic "Secured Authentication for Online banking using Mobile Phones " please refer the page link below

http://studentbank.in/report-secured-aut...ile-phones
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: seminar on mobile banking, ppts on online banking, fnb online banking, online banking seminar topic in pdf, secured lan commuunicator, mobile banking, project report mobile banking,

[-]
Quick Reply
Message
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  Online Art Gallery project topics 2 4,973 12-09-2017, 01:27 PM
Last Post: Mohankumari
  Online Training and Placement mechanical engineering crazy 17 13,516 11-05-2017, 01:42 PM
Last Post: Guest
  Graphical Password Authentication using Cued Click Points (CCP) project topics 19 18,469 26-04-2017, 03:38 PM
Last Post: jaseela123d
  SPOC: A Secure and Privacy-preserving Opportunistic Computing Framework for Mobile-He 1 876 14-02-2017, 03:49 PM
Last Post: jaseela123d
  Multi Banking System mechanical engineering crazy 16 15,290 07-10-2016, 09:38 PM
Last Post: rano
  online examination full report project report tiger 14 42,735 03-09-2016, 11:20 AM
Last Post: jaseela123d
  Online Ticket Reservation System for Cinema Halls Electrical Fan 16 19,212 04-07-2016, 03:10 PM
Last Post: visalakshik
  Online Dictionary nit_cal 2 2,285 06-04-2016, 12:16 PM
Last Post: dhanabhagya
  Development of an Online Course Portal for a campus seminar topics 5 6,570 19-03-2016, 02:13 PM
Last Post: dhanabhagya
  Online Rental House Web Portal smart paper boy 6 5,393 06-02-2016, 01:00 PM
Last Post: seminar report asees

Forum Jump: