Introduction to Secured Authentication For Online Banking Using Mobile Phones Project:
Online banking is all about money transactions through a secured website by any virtual or retail bank, credit union. It got some common features too, which are divided several categories.
Generally conducting a financial transaction like account to account transfer, online purchasing, payment of any bill, etc. whereas in Non-transactional it is cheque links , co browsing , etc.
SECURITY: Generally there are two different types of security methods.
The system is called as PIN/TAN in which the PIN is a password used to login and TAN is one-time passwords, but it can create different problems so for secured way of using TANs should be done by a security token.
ATTACKS: Normally online attacks are based on the user steal login data and valid TANs. Correct transactions and fake transactions are shown on the screen and in the background respectively, so by this it can be identified.
COUNTERMEASURES: To avoid phishing and pharming kind attacks users should use scanners and should be careful while downloading software.
Secure Hash Algorithm: this algorithm is a series of cryptographic hash functions i.e., a block of data is converted into a fixed size bit string, for a secured password hashing.
BASE64: It is a group of encoding schemes for translating or encoding the data from binary to textual and even storing complex kind of data, etc in different form but with no change in the data.
Client Design: J2ME program is to be installed on the mobile phone, and then the key token program generates the dynamic key such as IMEI, IMSI numbers and token sent by the server through a text message. And username, pin must be entered to get security token.
Database Design: It is used to store complete information about the clients .
Implementation: computer based software tokens is the proposed system which is secured and consists of 3 parts, namely,
1. Installed software, 2. Server software, 3. GSM modem.
Registration and Login Module: The basic information such as name, age, addressed. Are to be registered while creating the account, it includes both IMEI and IMSI numbers.
ATM process module: When the client enters the token number, the server identifies and extracts from the stored Database. Then further processes like withdrawal, fast cash, balance enquiry, can be done if authentication is successful.
Generally for each and every transaction, a unique password token is given in order to avoid theft or hacking attacks.
FUTURE ENHANCEMENTS
User friendly, proposed work on various mobiles, Bluetooth and WLAN features for cheaper token generation.
The Proposed system is successfully implemented and tested for secure.
Download Secured Authentication For Online Banking Using Mobile Phones CSE Project Report.