An Algorithm for Electronic Money Transaction Security (Three Layer Security): A New Approach
|
|
- Leona Peters
- 2 years ago
- Views:
Transcription
1 , pp An Algorithm for Electronic Money Transaction Security (Three Layer Security): A New Approach Md. Syeful Islam Samsung Research Institute Bangladesh Ltd. (SRBD), Dhaka-1205, Bangladesh, Phone: Abstract In the era of internet, most of the people all over the world completed their transaction on internet. Though the user of electronic transaction or E-money transaction system increase rapidly but the majority person are concern about the security of this system. The growth in online transactions has resulted in a greater demand for fast and accurate user identification and authentication. Conventional method of identification based on possession of ID cards or exclusive knowledge like a social security number or a password are not all together reliable. Identification and authentication by individuals' biometric characteristics is becoming an accepted procedure that is slowly replacing the most popular identification procedure passwords. Among all the biometrics, fingerprint based identification is one of the most mature and proven technique. Along with the combination of conventional system, biometric security, Global positioning system(gps) and mobile messaging we have design an algorithm which increase security of electronic transaction and more reliable to user. A three layer security model to enhancing security of electronic transaction is proposed in this paper. Keywords: E-money, Electronic transaction, Authentication, Security, Biometric Security, Finger Print, Iris recognition, Encryption, Decryption, GPS Authentication 1. Introduction Today the regional economies, societies, cultures and educations are integrated through a globe-spanning network of communication and trade. Today s most of business dealings (order receive, delivery confirmation, transaction and business communication) are done on internet. Rapid development of banking technology, Banks provide facilities to their client to transaction their money from won account through a security system using internet. This system is known as electronic transaction. Notwithstanding, we lived in a world where people no longer want to encounter long queues for any reason, they don t not want to wait for too long time before they are attended to and this has led to the increasing services being rendered by banks to further improve the convenience of banking through the means of electronic banking. The growing rate of the popularity of Electronic transaction increased day by day. Now-a-days most of the people make their banking activities such as cash withdrawal, money transfer, paying phone and electricity bills, online purchase beyond official hour s without physical interaction with bank staff using internet. Bank fascinated their customers to carry out banking transactions like, deposits, transfers, balance enquiries, mini statement, withdrawal and fast cash etc. in various ways. There are two ways customer can perform their banking activities. First one physically interacts with banking staff and second one is Electronic transaction (ATM transaction, online transaction and E-coin). [1] For the first case bank staff manually authenticates a user based on check book, customer signature and photo. In the case of Electronic transaction bank follows conventional method where authenticate a user based on user id ISSN: IJSIA Copyright c 2015 SERSC
2 and PIN (personal identification number). But in this case security is one of the major issues regarding electronic transaction. Currently Bank provide conventional security (authenticate user using username and password). In recent year the rate of cyber-crime increases day by day. The criminal attack not only cyber security and cyber information they also collect personal information and attack on Electronic banking system. A lot of criminals inter into the Banking database by breaking security and steal customers personal details (account information, card details, user id, password etc.) by illegal means. Once criminal get personal information then, the users account is vulnerable to attack. It s not only threaten for user, it s also for be bank. The prevailing techniques of user authentication, which involves the use of either passwords and user IDs (identifiers), or identification cards and PINs (personal identification numbers), suffer from several limitations. Passwords and PINs can be illicitly acquired by direct covert observation. Currently there is lots of scientist working on online transaction security. Here we have designed three layer security system for authenticate a user in electronic transaction. The main goal of this work is defining a system for Electronic transaction which is reliable to both a user and bank. In this paper we have design an algorithm which ensured high level security in Electronic transaction and define an efficient and highly scalable Money transaction system. The paper is arranged as follows. In section 2 we have to identify about the problem domain and motivates the research. Section 3 introduced with the Electronic transaction system and security. In Section 4 we have proposed a scalable electronic transaction system with 3 layer security. Section 5 presented the results analysis and section 6 concluded the work. 2. Problem Domain Most of the banking system supported both physical and online transaction. But electronic money transaction system is increasingly popular due to the widespread use of the internet-based shopping and banking. That why all of bank think they provide there most of services at internet. In that case most concern is about security. So without ensuring security it s can t be a promising system to customer. The crime over internet increases rapidly. The Criminal attack on various online system and hacked impotent both personal and professional information. In recent year cybercrime on banking is alarming for both customer and bank. A lot of criminals inter into the Banking database by breaking security and steal customers personal details (account information, card details, user id, password etc.,) by illegal means. Once criminal get personal information then, the users account is vulnerable to attack. It s not only threaten for user, it s also for be bank. The need for security is a constant of doing business over the internet because; in essence the Internet is a broadcast medium. E-security enhances or adds value to a naked network and is composed of both soft and hard infrastructure. Soft infrastructure components are those policies, process, protocols and guidelines that create the protective environment to keep the system and the data from compromise. The hard infrastructure consists of the actual hardware and software needed to protect the system and its data from external and internal threats to security. There is lots of scientist work on cyber security and proposed there technique to protect online user from cybercrime. Currently there are several techniques available for ensuring security but not satisfy to all labels of users. The goal of this paper is provide a concrete solution regarding cyber security in electronic money transaction. In this paper I have proposed an algorithm with three layer security for ensuring security at electronic transaction. 204 Copyright c 2015 SERSC
3 3. Electronic Money Transaction and e-security Electronic money or e-money is an evolving term that can have different meanings but in principle involves the use of computer networks and digital stored value systems to store and transmit money. It may have official legal status or not. It may be historical, current or theoretical. The underlying principle of electronic money involves the use of computer networks such as the Internet and digital stored value systems. Examples of electronic money are bank deposits, electronic funds transfer, direct deposit, payment processors, and digital currencies. Electronic money can be understood as a way of storing and transmitting conventional money through electronic systems or as digital currency which varies in value and is tradable as a currency in its own right. [2] Electronic money is a digital equivalent of cash, stored on an electronic device or remotely at a server. There are several aspects to security when dealing with E-transaction. The first issue is the security of the transaction. How does one know that the customer is valid? Encryption and special serial numbers are supposed to allow the issuing bank to verify (quickly) the authenticity of E-money. The ultimate area of security is faith in the currency. E-security can be described on the one hand as those policies, guidelines, processes and action needed to enable electronic transactions to be carried out with a minimum risk of breach, intrusion or theft. On the other hand, e-security is any tool, technique or process used to protect a system s information assets. Information is a valuable strategic asset that must be managed and protected accordingly. The degree of e-security used for any activity should be proportional to the activity s underlying value. This security is a riskmanagement or risk-mitigation tool, and appropriate security means mitigation of the risk for the underlying transaction in proportion to its value. [3-4] Security measures at banks can play a critical, contributory role in preventing attacks on customers. These measures are of paramount importance when considering vulnerabilities and causation in civil litigation and banks must meet certain standards in order to ensure a safe and secure banking environment for their customers. 4. Proposed a Scalable Electronic Transaction System with 3 Layer Security Electronic money transfer system facilitates the transactions over internet. Also known as a sample of Electronic Data Interchange (EDI), e-payment systems have become increasingly popular due to the widespread use of the internet-based shopping and banking. We have already describe the major challenges of online transaction are security. I have designed an algorithm with combination of conventional and advanced security ensuring technology. This designed algorithm ensures e-security using three layer security systems (Figure 1). These three layers are: Layer -1: Conventional E-security using Username and PIN number. Layer -2: Biometric security using Fingerprint or Iris recognition. Layer -3: Mobile security using GPS or mobile SMS. Copyright c 2015 SERSC 205
4 4.1. Layer 1 Security Figure 1. Three Layer Security System Flow This is conventional system for authenticate user in online. Not only electronic transaction system, most of the system authenticates their user using a username and password. As a basic in this proposed algorithm 1st steps customer use ATM system by his/her user name and PIN. There is no need to convey any physical device like as ATM card. It s our main challenges that proposed system eliminate conventional ATM card. Customers get username and PIN when he/she open an account for transaction on any bank. PIN generation technique is system generate a PIN and sent it to corresponding customer mobile. Customer can change PIN by login into system. When customer provide username and PIN in ATM system it authenticate user from user information data table from bank server. If authenticate It allows customer to proceed layer 2 security otherwise it provides 5 times resubmit username and PIN. After trying 4 times, it s terminating the transaction and offline for a 30 minute for this user. In that time customer can t transaction from any ATM system. If essential cases customer need to contact on bank physically Layer 2 Security Figure 2. Layer 1 Security System Flow After passing layer 1 system allows user to access layer 2 securities. It s biometric security system. In modern technology there are several biometric security system are available. But most common and reliable security system is Fingerprint and Iris recognition. This layer 2 to can accept both biometric techniques based on vendor and 206 Copyright c 2015 SERSC
5 customer choice. Here I have only described fingerprint as a biometric security ensuring technique. Biometric authentication has become more and more popular in the banking and finance sector [5]. The idea of fingerprint is not only for security but also to overcome the lack of customer understanding on ATM concept. We proposed ATM with biometric, a fingerprint security system, in order to meet its customers needs who many of them have savings account and need to have access to their money during non-banking hours. The ATM with fingerprint scanner offer excellent security to customer since there is very low possibility of fraud. By using fingerprint recognition customers are more comfortable with the idea of saving their money with the bank because they understand that no one can replicate their fingerprint and take their money. Fingerprint authentication is the most popular method among biometric authentication, fingerprint based identification is one of the most mature and proven technique [6-7]. In banking system Biometrics holds the promise of fast, easy-to-use, accurate, reliable, and less expensive authentication for a variety of applications [8]. At the time of transaction customers enrolment their fingerprint to a high resolution fingerprint scanner. The fingerprint image is transmitted to the central server via secured channel. At the banking terminal the minutiae extraction and matching are performed to verify the presented fingerprint image belongs to the claimed user in bank database. The authentication is signed if the minutiae matching are successful. The proposed scheme is fast and more secure (Figure 3). Figure 3. Biometric Security A basic biometric authentication system consists of six main components [8]. These are: Fingerprint scanner, preprocessor, feature extractor, database, and matcher and decision module. The function of the scanner is to scan the biometric trait of the customer. Then pre-processor process biometric data and ready for feature extraction. The function of the feature extraction module is to extract the feature set from the scanned biometric data. This feature set is then stored into the template database. [9-10] The matcher modules takes two inputs, i.e., feature set from the template database and feature set of the user who wants to authenticate him/her and compares the similarity between the two sets. The last module, i.e., the verification module makes the decision about the matching of the two feature sets [11]. Biometrics is a rapidly evolving technology that is being widely used in forensics, such as criminal identification and prison security, and that has the potential to be used in a large range of civilian application areas. Biometrics can be used to prevent unauthorized access to ATMs, cellular phones, smart cards, desktop PCs, workstations, and computer networks. In my system I have allowed 3 times to input fingerprint if it fails first 2 times to authenticate valid customer. Same as layer 1 security it off-line for 30 min if customer accede trying limit. The whole system is shown in Figure 5. If authentication passes then it goes to layer 3 security system. Copyright c 2015 SERSC 207
6 4.3. Layer 3 Security This layer ensures security using mobile. It s completely optional based on customer choice. If customers want to ensure high level security then he/she can allow mobile security. After successfully authenticate from layer 2 it check layer 3 is enable or not. If not then it goes to login into customer account directly. If layer 3 enables then it wait for authentication in this step. Here I have introduced 2 type of mobile security. GPS based authentication. Authenticate via Mobile messaging GPS based authentication: This step is optional and enable based on user choice. In GPS based authentication customer need to register valid mobile device and no. into system. And it s mandatory to bring mobile when go for transaction. ATM ensures valid customer based on customer mobile location. If customer mobile location is same as ATM location then system ensure that this customer is valid and proceed to login into customer account. Otherwise it rejects the transaction process and goes to offline Authenticate via Mobile messaging: It s also a common technique to authenticate valid user to send a credential data via SMS. SMS based authentication is used most of the online authentication system. In modern system user get a SMS after login any system for authentication. SMS contain a security code for ensuring security. User provides credential data after getting message in mobile. If user input correct then system consider this user as a valid user. In that case like as other existing SMS based authentication technique, after passing layer 2 security it send a message to customer mobile with credential data (4 digit code). After getting message customer provide it into system as an input. If Mache credentials data then it ensure customer is authenticate provide permission to access account and transaction money. If user provide wrong code then it s provide three times option to reinput security data. After trying three times system terminate the transaction process. After passing all layer authentication system guaranteed that this user valid and ensure customer account form fraud access. If any customer passes authentication then he/she can transaction there money electronically. Customer can deposit there money, can withdraw or bill payment. Customer can make e-coin from system. The full work flow for this system is shown in Figure Copyright c 2015 SERSC
7 Figure 4. A Scalable Electronic Transaction System with 3 Layer Security 5. Result Analysis This system contains the following infrastructure: An ATM with High quality Fingerprint scanner and GPS enable device. Server for string user data (account information, personal information etc.) Mobile device with GPS system. For the first time, user needs to open account at bank for money transaction. Bank store both personal information with biometric data and financial information. If user has account on bank then he/she can be transaction from ATM. Now user goes to ATM and start accessing his/her account by passing 3 layer securities. Firstly provide username and PIN. Figure 5 shows the user interface for 1st layer authentication system. If matches provide information then goes to second layer. Copyright c 2015 SERSC 209
8 Figure 5. User Interface of First Layer Authentication System In second layer customer input his/her fingerprint using fingerprint scanner. The fingerprint matcher algorithm matches information and authenticate user. Figure 6 shows 2nd layer authentication User interface. Figure 6. Fingerprint Authentication If information matches with database then it goes to third layer. Otherwise provide 3 times option for re-try then exit from system. After passing second layer it shows customer basic data on screen for short time and goes down to next phase. Figure 7 shows customer basic data after passing biometric authentication. Figure 7. User Interface after Passing Second Layer Authentication 210 Copyright c 2015 SERSC
9 If mobile security is enable then it precede for third layer. Otherwise after passing second layer it directly permitted the user to access his/her account. For the case of GPS based authentication, if there GPS system technique avails then ATM system finds out the current location of customer mobile. If current location of customer is same with ATM location then it consider as a valid user. If Mobile messaging system enables then system send a message to customer with a credential data (code). User input this code into system which uses to authenticate this user at last stem. If input data match with sending data, then system permit to access user account. Figure 8 shows the interface for SMS base authentication. Figure 8. User Interface of SMS based Authentication Thus authentication completed via three stages. After complete authentication user can deposit there money, can withdraw or bill payment. Customer can make e-coin from system. In figure 9 shows main menu of transaction after login into system. As an example here a customer selected withdraw option to withdraw money from my account. When customer select withdraw option then system provides a screen to input the amount which he/she want to withdraw. The withdraw window shown in Figure 10. Figure 9. User Interface of Transaction Main Menu Copyright c 2015 SERSC 211
10 Figure 10. Money Withdraw Window Thus any valid user can perform transaction deposit, Money transfer from one account to another account, Bill payment or E-coin generation etc. as like as withdraw. Though this system maintains all of existing authentication combines with different layer, it ensure top most security at money transaction electronically. 6. Conclusion Here we have defined a procedure to ensuring high label security in electronic transaction format ATM system. IT s ensure 100% security on authenticate access and preventing from any fraud. It s comfortable to all level of user. These eliminate conventional system to caring an ATM card for transaction and provide no card solution for transaction. Hope this will be most promising technology at electronic money transaction. I have also work on further security at transaction time and universal money transaction. My future plan in this regards is give the complete solution in money transaction all level of financial operation. References [1] N. Selvaraj and G. Sekar, A method to improve the security level of ATM banking systems using AES algorithm, International Journal of Computer Applications ( ), vol. 3, no. 6, (2010) June. [2] last access, (2015) January. [3] T. C. Glaessner, T. Kellermann and V. McNevin, Electronic Security: Risk Mitigation in Financial Transactions: Public Policy Issues, World Bank Publications, Electronic security systems, (2002), pp [4] W. W. N. Wan, C. L. Luk and C. W. C. Chow, Customers Adoption of Banking Channels, Hong K34rong, International Journal of Bank Marketing, vol. 23, no. 3, (2005), pp [5] B. Richard and M. Alemayehu, Developing E-banking Capabilities in a Ghanaian Bank: Preliminary Lessons, Journal of Internet Banking and Commerce, vol. 11, no. 2, (2006). [6] N. K. Ratha, J. H. Connell and R. M. Bolle, Enhancing Security and Privacy in Biometrics-based Authentication Systems, IBM Systems Journal, vol. 40, no. 3, (2001), pp [7] J. Yang, N. Xiong, A. V. Vasilakos, Z. Fang, D. Park, X. Xu, S. Yoon, S. Xie and Y. Yang, A Fingerprint Recognition Scheme Based on Assembling Invariant Moments for Cloud Computing Communications, IEEE Systems Journal, (2011). [8] J. Leon, G. Sanchez, G. Aguilar, L. Toscano, H. Perez and J. M. Ramirez, Fingerprint Verification Applying Invariant Moments, IEEE International Midwest Symposium on Circuits and Systems, (2009), pp [9] L. O Gorman, Overview of fingerprint verification technologies, Elsevier Information Security Technical Report, vol. 3, no. 1, (1998). 212 Copyright c 2015 SERSC
11 [10] G. B. Iwasokun, O. C. Akinyokun, B. K. Alese and O. Olabode, Fingerprint Image enhancement: Segmentation to thinning, International Journal of Advanced Computer Science and Applications, vol. 3, no. 1, (2012), pp [11] Facial Verification Technology Use in ATM Transactions- Aru, Okereke, Eze, Ihekweaba Gozie. Author Md. Syeful Islam, he obtained his B.Sc. and M.Sc. in Computer Science and Engineering from Jahangirnagar University, Dhaka, Bangladesh in 2010 and 2011 respectively. He is now working as a Senior Software Engineer at Samsung R&D Institute Bangladesh. Previously he worked as a software consultant in the Micro-Finance solutions Department of Southtech Ltd. in Dhaka, Bangladesh. His research interests are in Natural Language processing, AI, embedded computer systems and sensor networks, distributed Computing and big data analysis. Copyright c 2015 SERSC 213
12 214 Copyright c 2015 SERSC
ENHANCING ATM SECURITY USING FINGERPRINT AND GSM TECHNOLOGY
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 4, April 2014,
Designing a Biometric Strategy (Fingerprint) Measure for Enhancing ATM Security in Indian E-Banking System
Designing a Biometric Strategy (Fingerprint) Measure for Enhancing ATM Security in Indian E-Banking System Sri Shimal Das, Smt. Jhunu Debbarma Department of Computer Science & Engg. Tripura Institute of
Towards Designing a Biometric Measure for Enhancing ATM Security in Nigeria E- Banking System
International Journal of Electrical & Computer Sciences IJECS-IJENS Vol: 10 No: 06 68 Towards Designing a Biometric Measure for Enhancing ATM Security in Nigeria E- Banking System Ibidapo, O. Akinyemi,
Microcontroller Based Smart ATM Access & Security System Using Fingerprint Recognition & GSM Technology
Microcontroller Based Smart ATM Access & Security System Using Fingerprint Recognition & GSM Technology Bharath K M, Rohit C V Student of B.E Electronics and Communication Coorg Institute of Technology,
Digital Identity & Authentication Directions Biometric Applications Who is doing what? Academia, Industry, Government
Digital Identity & Authentication Directions Biometric Applications Who is doing what? Academia, Industry, Government Briefing W. Frisch 1 Outline Digital Identity Management Identity Theft Management
Physical Security: A Biometric Approach Preeti, Rajni M.Tech (Network Security),BPSMV preetytushir@gmail.com, ratri451@gmail.com
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 3 Issue 2 February, 2014 Page No. 3864-3868 Abstract: Physical Security: A Approach Preeti, Rajni M.Tech (Network
Achieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER
with Convenience and Personal Privacy version 0.2 Aug.18, 2007 WHITE PAPER CONTENT Introduction... 3 Identity verification and multi-factor authentication..... 4 Market adoption... 4 Making biometrics
Electronic Commerce and E-wallet
International Journal of Recent Research and Review, Vol. I, March 2012 Electronic Commerce and E-wallet Abhay Upadhayaya Department of ABST,University of Rajasthan,Jaipur, India Email: abhayu@rediffmail.com
Multi-Factor Authentication of Online Transactions
Multi-Factor Authentication of Online Transactions Shelli Wobken-Plagge May 7, 2009 Agenda How are economic and fraud trends evolving? What tools are available to secure online transactions? What are best
addressed. Specifically, a multi-biometric cryptosystem based on the fuzzy commitment scheme, in which a crypto-biometric key is derived from
Preface In the last decade biometrics has emerged as a valuable means to automatically recognize people, on the base is of their either physiological or behavioral characteristics, due to several inherent
Framework for Biometric Enabled Unified Core Banking
Proc. of Int. Conf. on Advances in Computer Science and Application Framework for Biometric Enabled Unified Core Banking Manohar M, R Dinesh and Prabhanjan S Research Candidate, Research Supervisor, Faculty
Accessing the bank account without card and password in ATM using biometric technology
Accessing the bank account without card and password in ATM using biometric technology Mini Agarwal [1] and Lavesh Agarwal [2] Teerthankar Mahaveer University Email: miniagarwal21@gmail.com [1], lavesh_1071985@yahoo.com
ARM7 Based Smart ATM Access & Security System Using Fingerprint Recognition & GSM Technology
ARM7 Based Smart ATM Access & Security System Using Fingerprint Recognition & GSM Technology Khatmode Ranjit P 1, Kulkarni Ramchandra V 2, Ghodke Bharat S 3, Prof. P. P. Chitte 4, Prof. Anap S. D 5 1 Student
ATM Security Using Fingerprint Biometric Identifer: An Investigative Study
ATM Security Using Fingerprint Biometric Identifer: An Investigative Study Moses Okechukwu Onyesolu Department of Computer Science Nnamdi Azikiwe University, Awka Anambra State, Nigeria. Ignatius Majesty
WHITE PAPER. Let s do BI (Biometric Identification)
WHITE PAPER Let s do BI (Biometric Identification) Fingerprint authentication makes life easier by doing away with PINs, passwords and hint questions and answers. Since each fingerprint is unique to an
A brief on Two-Factor Authentication
Application Note A brief on Two-Factor Authentication Summary This document provides a technology brief on two-factor authentication and how it is used on Netgear SSL312, VPN Firewall, and other UTM products.
Protected Cash Withdrawal in Atm Using Mobile Phone
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 2 Issue 4 April, 2013 Page No. 1346-1350 Protected Cash Withdrawal in Atm Using Mobile Phone M.R.Dineshkumar
Towards Securing E-Banking by an Integrated Service Model Utilizing Mobile Confirmation
Research Inventy: International Journal of Engineering And Science Vol.4, Issue 9 (Sept 2014), PP 26-30 Issn (e): 2278-4721, Issn (p):2319-6483, www.researchinventy.com Towards Securing E-Banking by an
ATM Transaction Security Using Fingerprint/OTP
ATM Transaction Security Using Fingerprint/OTP 1 Krishna Nand Pandey, 2 Md. Masoom, 3 Supriya Kumari, 4 Preeti Dhiman 1,2,3,4 Electronics & Instrumentation Engineering, Galgotias College of Engineering
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
GLOBAL JOURNAL OF ENGINEERING SCIENCE AND RESEARCHES
GLOBAL JOURNAL OF ENGINEERING SCIENCE AND RESEARCHES ATM SECURITY IMPROVEMENT USING FINGER PRINT Neelam Verma 1, Rakesh Patel 2, Priya Bag 3 Student,B.E.(IT) Kirodimal Institute of Technology,Raigarh(C.G.),India
SAFE SYSTEM: SECURE APPLICATIONS FOR FINANCIAL ENVIRONMENTS USING MOBILE PHONES
SAFE SYSTEM: SECURE APPLICATIONS FOR FINANCIAL ENVIRONMENTS USING MOBILE PHONES Sead Muftic 1, Feng Zhang 1 1Department of Computer and System Sciences, Royal Institute of Technology, Stockholm, Sweden
Section 2.3 Authentication Technologies. Authentication
Section 2.3 Authentication Technologies 1 Authentication The determination of identity, usually based on a combination of something the person has (like a smart card or a radio key fob storing secret keys),
An Innovative Two Factor Authentication Method: The QRLogin System
An Innovative Two Factor Authentication Method: The QRLogin System Soonduck Yoo*, Seung-jung Shin and Dae-hyun Ryu Dept. of IT, University of Hansei, 604-5 Dangjung-dong Gunpo city, Gyeonggi do, Korea,
Review Paper on Two Factor Authentication Using Mobile Phone (Android) ISSN 2319-9725
Review Paper on Two Factor Authentication Using Mobile Phone (Android) ISSN 2319-9725 Rahul Kale Neha Gore Kavita Nilesh Jadhav Mr. Swapnil Shinde Bachelor s Degree program in Information Technology Engineering
WHITE PAPER Usher Mobile Identity Platform
WHITE PAPER Usher Mobile Identity Platform Security Architecture For more information, visit Usher.com info@usher.com Toll Free (US ONLY): 1 888.656.4464 Direct Dial: 703.848.8710 Table of contents Introduction
Multi-factor authentication
CYBER SECURITY OPERATIONS CENTRE (UPDATED) 201 (U) LEGAL NOTICE: THIS PUBLICATION HAS BEEN PRODUCED BY THE DEFENCE SIGNALS DIRECTORATE (DSD), ALSO KNOWN AS THE AUSTRALIAN SIGNALS DIRECTORATE (ASD). ALL
Sound Business Practices for Businesses to Mitigate Corporate Account Takeover
Sound Business Practices for Businesses to Mitigate Corporate Account Takeover This white paper provides sound business practices for companies to implement to safeguard against Corporate Account Takeover.
Two-Factor Authentication over Mobile: Simplifying Security and Authentication
SAP Thought Leadership Paper SAP Mobile Services Two-Factor Authentication over Mobile: Simplifying Security and Authentication Controlling Fraud and Validating End Users Easily and Cost-Effectively Table
Opinion and recommendations on challenges raised by biometric developments
Opinion and recommendations on challenges raised by biometric developments Position paper for the Science and Technology Committee (House of Commons) Participation to the inquiry on Current and future
IDRBT Working Paper No. 11 Authentication factors for Internet banking
IDRBT Working Paper No. 11 Authentication factors for Internet banking M V N K Prasad and S Ganesh Kumar ABSTRACT The all pervasive and continued growth being provided by technology coupled with the increased
Application-Specific Biometric Templates
Application-Specific Biometric s Michael Braithwaite, Ulf Cahn von Seelen, James Cambier, John Daugman, Randy Glass, Russ Moore, Ian Scott, Iridian Technologies Inc. Introduction Biometric technologies
Enhanced Cloud Security through KFAC
Enhanced Cloud Security through KFAC Mahesh S Darak, Dr. N. K. Deshmukh Assistant Professor, School of Computational Sciences, S. R. T. M. University, Nanded, Maharashtra, India ABSTRACT: The current era
W.A.R.N. Passive Biometric ID Card Solution
W.A.R.N. Passive Biometric ID Card Solution Updated November, 2007 Biometric technology has advanced so quickly in the last decade that questions and facts about its cost, use, and accuracy are often confused
SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER
SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER Mrs. P.Venkateswari Assistant Professor / CSE Erode Sengunthar Engineering College, Thudupathi ABSTRACT Nowadays Communication
A SMART, LOCATION BASED TIME AND ATTENDANCE TRACKING SYSTEM USING ANDROID APPLICATION
A SMART, LOCATION BASED TIME AND ATTENDANCE TRACKING SYSTEM USING ANDROID APPLICATION Shermin Sultana 1, Asma Enayet 1 and Ishrat Jahan Mouri 1 1 Department of Computer Science and Engineering, Stamford
Analysis of Multimodal Biometric Fusion Based Authentication Techniques for Network Security
, pp. 239-246 http://dx.doi.org/10.14257/ijsia.2015.9.4.22 Analysis of Multimodal Biometric Fusion Based Authentication Techniques for Network Security R.Divya #1 and V.Vijayalakshmi #2 #1 Research Scholar,
An Enhanced Countermeasure Technique for Deceptive Phishing Attack
An Enhanced Countermeasure Technique for Deceptive Phishing Attack K. Selvan 1, Dr. M. Vanitha 2 Research Scholar and Assistant Professor, Department of Computer Science, JJ College of Arts and Science
Target Security Breach
Target Security Breach Lessons Learned for Retailers and Consumers 2014 Pointe Solutions, Inc. PO Box 41, Exton, PA 19341 USA +1 610 524 1230 Background In the aftermath of the Target breach that affected
Entrust IdentityGuard
+1-888-437-9783 sales@identisys.com IdentiSys.com Distributed by: Entrust IdentityGuard is an award-winning software-based authentication enterprises and governments. The solution serves as an organization's
May 2010. For other information please contact:
access control biometrics user guide May 2010 For other information please contact: British Security Industry Association t: 0845 389 3889 f: 0845 389 0761 e: info@bsia.co.uk www.bsia.co.uk Form No. 181.
Protect Your Customers and Brands with Multichannel Two-Factor Authentication
SAP Brief Mobile Services from SAP SAP Authentication 365 Objectives Protect Your Customers and Brands with Multichannel Two-Factor Authentication Protecting your most valuable asset your customers Protecting
Whitepaper on AuthShield Two Factor Authentication with ERP Applications
Whitepaper on AuthShield Two Factor Authentication with ERP Applications By INNEFU Labs Pvt. Ltd Table of Contents 1. Overview... 3 2. Threats to account passwords... 4 2.1 Social Engineering or Password
DigitalPersona, Inc. Creating the authentication infrastructure for a digital world.
DigitalPersona, Inc. Creating the authentication infrastructure for a digital world. Rising Security Needs Secure Access Control is Critical Users Access Security Information Engineering, Intellectual
Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn
Web Payment Security A discussion of methods providing secure communication on the Internet Group Members: Peter Heighton Zhao Huang Shahid Kahn 1. Introduction Within this report the methods taken to
KEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS
KEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS Plurilock Security Solutions Inc. www.plurilock.com info@plurilock.com 2 H IGHLIGHTS: PluriPass is Plurilock static keystroke dynamic biometric
Design and Implementation of Automatic Attendance Check System Using BLE Beacon
, pp.177-186 http://dx.doi.org/10.14257/ijmue.2015.10.10.19 Design and Implementation of Automatic Attendance Check System Using BLE Beacon Mi-Young Bae and Dae-Jea Cho * Dept. Of Multimedia Engineering,
Design of Highly Secured Automatic Teller Machine System by Using Aadhaar Card and Fingerprint
International Journal of Engineering Science Invention ISSN (Online): 2319 6734, ISSN (Print): 2319 6726 Volume 3 Issue 5ǁ May 2014 ǁ PP.22-26 Design of Highly Secured Automatic Teller Machine System by
IDENTITY MANAGEMENT. February 2008. The Government of the Hong Kong Special Administrative Region
IDENTITY MANAGEMENT February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
Read this first. Copyright
Next Generation Banking system Cloud Banking Brochure Mobile Banking Service Provider Read this first Thank you for your interest in MBSP (Mobile Banking Service provider) Cloud Core Banking products.
User Behaviour Analytics
User Behaviour Analytics How do they know its really you? White Paper Sept 2015 Ezmcom Inc. 4701 Patrick Henry Drive BLDG 7, Santa Clara, CA, 95054, US Executive Summary Authentication has traditionally
Developing Electronic Passport And VISA System Using Smart Card Technology
Developing Electronic Passport And VISA System Using Smart Card Technology M. Semih UZUN 1, Banu DİRİ 2 1 Computer Engineering Department, Engineering Faculty, Dogus University, Acıbadem, Istanbul, Turkey
Secure communications via IdentaDefense
Secure communications via IdentaDefense How vulnerable is sensitive data? Communication is the least secure area of digital information. The many benefits of sending information electronically in a digital
Biometric Authentication Platform for a Safe, Secure, and Convenient Society
472 Hitachi Review Vol. 64 (2015), No. 8 Featured Articles Platform for a Safe, Secure, and Convenient Society Public s Infrastructure Yosuke Kaga Yusuke Matsuda Kenta Takahashi, Ph.D. Akio Nagasaka, Ph.D.
Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard
Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands Ian Wills Country Manager, Entrust Datacard WHO IS ENTRUST DATACARD? 2 Entrust DataCard Datacard Corporation. Corporation.
Enhancing Organizational Security Through the Use of Virtual Smart Cards
Enhancing Organizational Security Through the Use of Virtual Smart Cards Today s organizations, both large and small, are faced with the challenging task of securing a seemingly borderless domain of company
PROPOSED SOLUTION FOR BIOMETRIC FINGERPRINT TIME AND ATTENDANCE MANAGEMENT SYSTEM
PROPOSED SOLUTION FOR BIOMETRIC FINGERPRINT TIME AND ATTENDANCE MANAGEMENT SYSTEM By HEAD OFFICE ADDRESS: Last Floor, Ofures Place Complex, KM6, No. 162 Benin-Sapele Road Benin City, Edo State, Nigeria
Featuring The Restricted Accessed Global Environment
Featuring The RAGE Restricted Accessed Global Environment the worlds best kept secret - the secure upper internet What is Cyber-Security? Cyber-Security is the protection of information systems from theft
Fingerprint-Based Authentication System for Time and Attendance Management
British Journal of Mathematics & Computer Science 5(6): 735-747, 2015, Article no.bjmcs.2015.053 ISSN: 2231-0851 SCIENCEDOMAIN international www.sciencedomain.org Fingerprint-Based Authentication System
22 nd NISS Conference
22 nd NISS Conference Submission: Topic: Keywords: Author: Organization: Tutorial BIOMETRICS - DEVELOPING THE ARCHITECTURE, API, ENCRYPTION AND SECURITY. INSTALLING & INTEGRATING BIOMETRIC SYSTEMS INTO
Keywords: fingerprints, attendance, enrollment, authentication, identification
Volume 4, Issue 11, November 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com 94 POS Terminal
Device-Centric Authentication and WebCrypto
Device-Centric Authentication and WebCrypto Dirk Balfanz, Google, balfanz@google.com A Position Paper for the W3C Workshop on Web Cryptography Next Steps Device-Centric Authentication We believe that the
Multimodal Biometric Recognition Security System
Multimodal Biometric Recognition Security System Anju.M.I, G.Sheeba, G.Sivakami, Monica.J, Savithri.M Department of ECE, New Prince Shri Bhavani College of Engg. & Tech., Chennai, India ABSTRACT: Security
Bellevue University Cybersecurity Programs & Courses
Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320
Fingerprint-Based Authentication System for Time and Attendance Management
1 2 3 4 5 6 7 8 9 10 11 12 Fingerprint-Based Authentication System for Time and Attendance Management ABSTRACT Ikuomola, Aderonke Justina Ondo State University of Science and Technology, Okitipupa, Ondo
Dynamic Query Updation for User Authentication in cloud Environment
Dynamic Query Updation for User Authentication in cloud Environment Gaurav Shrivastava 1, Dr. S. Prabakaran 2 1 Research Scholar, Department of Computer Science, SRM University, Kattankulathur, Tamilnadu,
RFID based Bill Generation and Payment through Mobile
RFID based Bill Generation and Payment through Mobile 1 Swati R.Zope, 2 Prof. Maruti Limkar 1 EXTC Department, Mumbai University Terna college of Engineering,India Abstract Emerging electronic commerce
IIABSC 2015 - Spring Conference
IIABSC 2015 - Spring Conference Cyber Security With enough time, anyone can be hacked. There is no solution that will completely protect you from hackers. March 11, 2015 Chris Joye, Security + 1 2 Cyber
Chapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
True Identity solution
Identify yourself securely. True Identity solution True Identity authentication and authorization for groundbreaking security across multiple applications including all online transactions Biogy Inc. Copyright
FBZ General Information. Cloud Mobile Banking 13,10,14-5. Copyright FBZ 2012-2013 All rights reserved
FBZ General Information Cloud Mobile Banking 13,10,14-5 Copyright FBZ 2012-2013 All rights reserved FBZ General information Cloud Banking Copyright (c) 2012-2013 Page 1 Read this first Thank you for choosing
Securing corporate assets with two factor authentication
WHITEPAPER Securing corporate assets with two factor authentication Published July 2012 Contents Introduction Why static passwords are insufficient Introducing two-factor authentication Form Factors for
2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
A Study on Secure Electronic Medical DB System in Hospital Environment
A Study on Secure Electronic Medical DB System in Hospital Environment Yvette E. Gelogo 1 and Sungwon Park 2 * 1 Catholic University of Daegu, Daegu, Korea 2 Department of Nursing, Hannam University, 133
WISCONSIN IDENTITY THEFT RANKING BY STATE: Rank 15, 175.9 Complaints Per 100,000 Population, 9852 Complaints (2007) Updated January 16, 2009
WISCONSIN IDENTITY THEFT RANKING BY STATE: Rank 15, 175.9 Complaints Per 100,000 Population, 9852 Complaints (2007) Updated January 16, 2009 Current Laws: It is unlawful to intentionally use or attempt
Why You Need an SSL Certificate
Why You Need an SSL Certificate WHY YOU NEED AN SSL CERTIFICATE Introduction Recent numbers from the U.S. Department of Commerce show that online retail is continuing its rapid growth. However, malicious
Studying Security Weaknesses of Android System
, pp. 7-12 http://dx.doi.org/10.14257/ijsia.2015.9.3.02 Studying Security Weaknesses of Android System Jae-Kyung Park* and Sang-Yong Choi** *Chief researcher at Cyber Security Research Center, Korea Advanced
m Commerce Working Group
m-powering Development Initiative Advisory Board second meeting Geneva, 23 rd of May 2014 m Commerce Working Group M-Commerce structure 2 Definitions Mobile Device m-commerce MFS m-marketing m-banking
DATA SECURITY: EVERYTHING YOU NEED TO KNOW
DATA SECURITY: EVERYTHING YOU NEED TO KNOW! Data Breaches: Where, What and Why! Federal and State Regulations to Protect Data! EMV Chip Technology! PIN or Signature?! Existing and Emerging Security Options!
Proposal: A Design of E-learning User Authentication System
, pp.45-50 http://dx.doi.org/10.14257/ijsia.2015.9.1.05 Proposal: A Design of E-learning User Authentication System Byeong Ho Kang 1 and Hyejin Kim 2 1 School of Engineering and ICT, University of Tasmania,
Authentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business
Authentication Solutions Versatile And Innovative Authentication Solutions To Secure And Enable Your Business SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
Biometric For Authentication, Do we need it? Christophe Rosenberger GREYC Research Lab - France
Biometric For Authentication, Do we need it? Christophe Rosenberger GREYC Research Lab - France OUTLINE Le pôle TES et le sans-contact Introduction User authentication GREYC - E-payment & Biometrics Introduction
WHY YOU NEED AN SSL CERTIFICATE Introduction
WHY YOU NEED AN SSL CERTIFICATE Introduction People are getting smart about online security. More and more of them are looking for the padlock icon, the https prefix and a green address bar in their browser
Mathematical Model Based Total Security System with Qualitative and Quantitative Data of Human
Int Jr of Mathematics Sciences & Applications Vol3, No1, January-June 2013 Copyright Mind Reader Publications ISSN No: 2230-9888 wwwjournalshubcom Mathematical Model Based Total Security System with Qualitative
Supplier IT Security Guide
Revision Date: 28 November 2012 TABLE OF CONTENT 1. INTRODUCTION... 3 2. PURPOSE... 3 3. GENERAL ACCESS REQUIREMENTS... 3 4. SECURITY RULES FOR SUPPLIER WORKPLACES AT AN INFINEON LOCATION... 3 5. DATA
Learning Objectives. attacks. 2. Describe the common security practices of businesses of
E-Commerce Security Learning Objectives 1. Document the trends in computer and network security attacks. 2. Describe the common security practices of businesses of all sizes. 3. Understand the basic elements
a. StarToken controls the loss due to you losing your Internet banking username and password.
1. What is StarToken? StarToken is the next generation Internet banking security solution that is being offered by Bank of India to all its Internet Banking customers (Retail as well as Corporate). StarToken
AUTHENTICATION AND ACCESS CONTROL BEST PRACTICES FOR HEALTHCARE SYSTEMS
AUTHENTICATION AND ACCESS CONTROL BEST PRACTICES FOR HEALTHCARE SYSTEMS Lamaris Davis ICTN6865 East Carolina University Abstract Securing EHR s continue to be a huge problem for all health care organizations.
Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS
Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
Research Article. Research of network payment system based on multi-factor authentication
Available online www.jocpr.com Journal of Chemical and Pharmaceutical Research, 2014, 6(7):437-441 Research Article ISSN : 0975-7384 CODEN(USA) : JCPRC5 Research of network payment system based on multi-factor
WHITE PAPER AUGUST 2014. Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords
WHITE PAPER AUGUST 2014 Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords 2 WHITE PAPER: PREVENTING SECURITY BREACHES Table of Contents on t Become the Next Headline
Moving to Multi-factor Authentication. Kevin Unthank
Moving to Multi-factor Authentication Kevin Unthank What is Authentication 3 steps of Access Control Identification: The entity makes claim to a particular Identity Authentication: The entity proves that
Jane Ngozi Oruh Department of Computer Science, Michael Okpara University of Agriculture,Umudike, Umuahia, Nigeria. ngozibenphilips@gmail.
Three-Factor Authentication for Automated Teller Machine System Jane Ngozi Oruh Department of Computer Science, Michael Okpara University of Agriculture,Umudike, Umuahia, Nigeria. ngozibenphilips@gmail.com
AUTHENTIFIERS. Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes
AUTHENTIFIERS Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes Authentify delivers intuitive and consistent authentication technology for use with smartphones,
Top Ten Fraud Risks That Impact Your Financial Institution. Presented by Ann Davidson - VP Risk Consulting Allied Solutions LLC.
Top Ten Fraud Risks That Impact Your Financial Institution Presented by Ann Davidson - VP Risk Consulting Allied Solutions LLC Agenda Education on understanding the fraud risk Take away.. Education to
A secure email login system using virtual password
A secure email login system using virtual password Bhavin Tanti 1,Nishant Doshi 2 1 9seriesSoftwares, Ahmedabad,Gujarat,India 1 {bhavintanti@gmail.com} 2 SVNIT, Surat,Gujarat,India 2 {doshinikki2004@gmail.com}
THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS
THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS David Glockner, Managing Director strozfriedberg.com Overview The big picture: what does cybercrime look like today and how is it evolving? What
International Conference on Web Services Computing (ICWSC) 2011 Proceedings published by International Journal of Computer Applications (IJCA)
Issues and Challenges in Ensuring Trust, Security, Performance and Scalability in a Common Multi-Banking Solution Sree Rekha.G Research Assistant, CORI, PESIT, Bangalore. V.K.Agrawal, Director, CORI, PESIT,
Proactive Credential Monitoring as a Method of Fraud Prevention and Risk Mitigation. By Marc Ostryniec, vice president, CSID
Proactive Credential Monitoring as a Method of Fraud Prevention and Risk Mitigation By Marc Ostryniec, vice president, CSID The increase in volume, severity, publicity and fallout of recent data breaches
AADHAAR ENABLED PAYMENT SYSTEM
FREQUENTLYASKEDQUESTIONS BY CUSTOMERS FOR AADHAAR ENABLED PAYMENT SYSTEM Page 1 1. What is AEPS? AEPS is a new payment service offered by the National Payments Corporation of India to banks, financial