522Presentation-mobile-banking

522Presentation-mobile-banking - Mobile Banking Security...

Info iconThis preview shows pages 1–14. Sign up to view the full content.

View Full Document Right Arrow Icon
Mobile Banking Security Guillermo Zuniga Andrew Shore Sultan Almutairi
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
A Secure Energy-Efficient m-banking Application for Mobile Devices Maria-Dolores Cano Gines Domenech-Asensi
Background image of page 2
Introduction Goal Provide financial services Mobile Information Devices (MID) M-banking users 55 million in 2009 894 million expected in 2015
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Introduction (cont'd) Perceived usefulness Trust Perceived ease of use
Background image of page 4
Introduction (cont'd) Disadvantages of m-banking: Unreliability Loss of connectivity Battery consumption
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Related Works Financial Info Service General acct Info Mobile Accounting Service Previous balance/payment Mobile Brokerage Service Transfers/stock
Background image of page 6
Related Works (cont'd) SMS-banking SIM-toolkit m-banking Web browsing End-to-end application layer security
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Application Layer Protocol AES is chosen encryption algorithm SHA-1 used to compute hashes Symmetric key encryption scheme Protocol is broken up into 3 phases 1. Initial Authentication 2. Authentication 3. Operation
Background image of page 8
Application Layer Protocol Figure 2
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Initial Authentication Phase Performed only once Allows user to download application and generate a password for themselves Request number is generated to authenticate the user Server responds by providing a password (KU) Password is stored by bank and known by user
Background image of page 10
Initial Authentication Phase Figure 3
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Authentication Phase Performed when app starts Uses password given in initial authentication Login stored on device and cannot be modified by user Secret Key generated from password (Ks) Nonce, NR, used to prevent reply attacks
Background image of page 12
Authentication Phase Client sends AUTH_REQ
Background image of page 13

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 14
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 38

522Presentation-mobile-banking - Mobile Banking Security...

This preview shows document pages 1 - 14. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online