Secured Authentication for Online banking using Mobile Phones
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
seminar surveyer
Active In SP
**

Posts: 3,541
Joined: Sep 2010
#1
01-01-2011, 02:18 PM





.doc   Paper - Template.doc (Size: 307 KB / Downloads: 173)

V.JAYASHREE
M.S (SOFTWARE ENGINEERING)
VIT UNIVERSITY
VELLORE

R. Hema Latha
M.S (SOFTWARE ENGINEERING)
VIT UNIVERSITY
VELLORE



Abstract-
Online Banking allows customers to conduct financial transactions on a secure website operated by their retail or virtual bank, credit union or building society. The proposed method guarantees that authenticating to services, online banking features is secured.
Ref No: Title Conclusion
1 One Time Password System One-time password systems provide additional protection but their use has been limited by cost and inconvenience.

2 Two Factor Authentication Application The user is simply requested to possess a Bluetooth enabled handheld device to enforce authentication based on weak credentials.
3 Security Token For Unified Authentication Authentication scheme based on One-Time Password (OTP) MIDlet running on a mobile phone for unified authentication towards any type of service on the Internet.

4 Online Authentication Protocol Online authentication is to verify identities through cyber networks.
The client accesses the ATM using a Private Key Security Token, which is sent to client’s mobile through a SMS by the Bank’s authentication servers. The key is generated by implementing SHA256 and Base64 Algorithm using the registers IMSI and IMEI number of client’s mobile. SMS based mechanism makes sure that the key reaches only the registered client.
The client is given a PIN and a Master Key when registered to the Online Banking Services. If in case a client’s mobile is lost, authentication is done using Unique Master Key, else the Private Key Token is used there by making transactions secured and simple without the need of carrying any USB Tokens.
The additional functionality provides the client more security on their transactions. Phishing attack by the hackers is avoided.


INTRODUCTION
Protection through single password authentication, as is the case in most secure Internet shopping sites, is not considered secure enough for personal online banking applications. Transactions in online banking differ from general internet shopping transactions. Attacks on online banking deceive the user to steal login data. A weak password is easy to remember, open to potential attacks. It is not secured in many cases and risks are high.

While digital certificates are used against phishing and pharming, attacks lead to an increasing number of phishing websites which duplicates victim’s passwords. The less is the password security relies on human mediation, the more it is secure.
A secured authentication for online banking can be done using two factor authentication techniques. Dynamic Key Token is used for performing the banking operation.




Reply
smart paper boy
Active In SP
**

Posts: 2,053
Joined: Jun 2011
#2
18-07-2011, 04:03 PM


.doc   final report123.doc (Size: 896.5 KB / Downloads: 91)
Chapter 1
INTRODUCTION

Today security concerns are on the rise in all areas such as banks, governmental
applications, healthcare industry, military organization, educational institutions, etc.
Member institutions of Online Banking Association rated Security as the most important issue of online banking. New survey finds 31 percent of bank customers avoid online transactions because of security reason. The proposed methodology guarantees authentication to online banking service in a secured manner.
Clients perform transactions on a secure website operated by their bank.Transactions in online banking differ from general internet shopping transactions. Attacks on online banking deceive the user to steal the login data. A weak password is easy to remember, but open to potential attacks. It is not secured in many cases and therefore
risks are high.
While digital certificates are used against phishing and pharming, attacks lead to an increasing number of phishing websites which duplicates victim’s passwords. The less the password security relies on human mediation, the more it is secure. Dynamic Key Token is used for performing the banking operation.
CHAPTER 2
ONLINE BANKING

Online banking (or Internet banking) allows customers to conduct financial transactions on a secure website operated by their retail or virtual bank, credit union or building society.
Online banking solutions have many features and capabilities in common, but traditionally also have some that are application specific.
2.1 FEATURES:
The common features fall broadly into several categories
• Transactional (e.g., performing a financial transaction such as an account to account transfer, paying a bill, wire transfer, apply for a loan, new account, etc.)
o Payments to third parties, including bill payments and telegraphic/wire transfers
o Funds transfers between a customer's own transactional account and savings accounts
o Investment purchase or sale
o Loan applications and transactions, such as repayments of enrollments
• Non-transactional (e.g., online statements, cheque links, cobrowsing, chat)
o Viewing recent transactions
o Downloading bank statements, for example in PDF format
o Viewing images of paid cheques
• Financial Institution Administration
• Management of multiple users having varying levels of authority
• Transaction approval process
Features commonly unique to Internet banking include
• Personal financial management support, such as importing data into personal accounting software. Some online banking platforms support account aggregation to allow the customers to monitor all of their accounts in one place whether they are with their main bank or with other institutions.
2.2 SECURITY:
Fig 2.2 Security token devices
Protection through single password authentication, as is the case in most secure Internet shopping sites, is not considered secure enough for personal online banking applications in some countries. Basically there exist two different security methods for online banking.
• The PIN/TAN system where the PIN represents a password, used for the login and TANs representing one-time passwords to authenticate transactions. TANs can be distributed in different ways, the most popular one is to send a list of TANs to the online banking user by postal letter. The most secure way of using TANs is to generate them by need using a security token.
• These token generated TANs depend on the time and a unique secret, stored in the security token (this is called two-factor authentication or 2FA). Usually online banking with PIN/TAN is done via a web browser using SSL secured connections, so that there is no additional encryption needed.
• Signature based online banking where all transactions are signed and encrypted digitally. The Keys for the signature generation and encryption can be stored on smartcards or any memory medium, depending on the concrete implementation.
2.3 ATTACKS:
Most of the attacks on online banking used today are based on deceiving the user to steal login data and valid TANs. Two well known examples for those attacks are phishing and pharming. Cross-site scripting and keylogger/Trojan horses can also be used to steal login information.
A method to attack signature based online banking methods is to manipulate the used software in a way, that correct transactions are shown on the screen and faked transactions are signed in the background.
The most recent kind of attack is the so-called Man in the Browser attack, where a Trojan horses permits a remote attacker to modify the destination account number and also the amount.
Reply
bharath3333333
Active In SP
**

Posts: 1
Joined: Aug 2011
#3
08-08-2011, 02:05 PM

i want more docs on this topic
Reply
seminar addict
Super Moderator
******

Posts: 6,592
Joined: Jul 2011
#4
09-08-2011, 09:48 AM

To get more information about the topic "Secured Authentication for Online banking using Mobile Phones " please refer the link below

topicideashow-to-secured-authentication-for-online-banking-using-mobile-phones
Reply
rainsji
Active In SP
**

Posts: 1
Joined: Jul 2012
#5
03-07-2012, 01:29 AM

secured authentication for online banking using mobile phones
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page

Quick Reply
Message
Type your reply to this message here.


Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  Development of an Online Course Portal for a campus seminar topics 5 6,131 31-10-2016, 02:29 PM
Last Post: jaseela123
  Graphical Password Authentication using Cued Click Points (CCP) project topics 14 13,334 31-10-2016, 02:06 PM
Last Post: Dhanabhagya
  ONLINE EL-CHICO RESTAURANT MANAGEMENT SYSTEM seminar flower 1 620 08-04-2016, 11:10 AM
Last Post: mkaasees
  Report on Online grievance redressal system study tips 1 637 04-04-2016, 03:53 PM
Last Post: mkaasees
  e-banking project and implimentation seminar presentation 10 18,582 08-07-2015, 04:29 PM
Last Post: Guest
  Online Rental House Web Portal smart paper boy 5 4,008 30-01-2015, 12:29 PM
Last Post: bharath9530
  intel centrino mobile technology ppt jaseelati 0 272 05-01-2015, 04:49 PM
Last Post: jaseelati
  The Three-Tier Security Scheme in Wireless Sensor Networks with Mobile Sinks seminar flower 3 2,748 09-12-2014, 09:25 PM
Last Post: Guest
  Project Report On OnLine Cab Service project girl 1 952 22-08-2014, 07:29 PM
Last Post: HKGSuIeNq
  MABS: Multicast Authentication Based on Batch Signature seminar class 20 12,317 03-07-2014, 06:19 PM
Last Post: Guest