Security Analysis of Mobile Banking Services in Pakistan

In mobile banking schemes, financial services are available. Bankingservices are provided using mobile devices. Mobile phones are used for data used in carrying out mobile transactions via mobile applications. This paper describes the security check processfor improving the authentication of mobile applications for mobile banking in a bank in Srilanka. The mobile banking in a bank in Sri Lankawill be used as case study. The application includes security features to enhance data protection across mobile networks. Features for data encryption, integrity, secure entry of security details on the phone and improved security policies in the application server are incorporated. Issuesof data confidentiality, user authentication, and message integrity in order to provide end-to-end security of data carried on mobile networks is ensured. In particular, this project specifies theinclusion of a biometric component in the security authentication process in mobile banking in Srilanka. This is in a bit to improve the security platform. The paper only presents the general architecture of the proposedmobile app model, which includes the biometric security component, towards subsequent implementation.

2012

ABSTRACT The increased prevalence of mobile phones provides exciting opportunities for the growth of mobile banking (m-banking). This paper reviews the emerging research literature on mbanking. It presents a classification framework for m-banking research based on 65 m-banking papers published between 2000 and mid-2010 in Information Systems (IS), technology innovation, management, and marketing journals, and major IS conferences.

2020

With the rapid improvements of technology worldwide, systems are getting modernized and digitalized. Traditional and time-consuming systems are replaced by efficient computerized, time-saving ones. Human Computer Interaction (HCI) based approaches are paving the way for many of these efficient models and systems, making users’ life easier day by day. One of the most ancient and impactful economic systems is Banking. We also cite out some security issues regarding the transactions using mobile banking. We confine our scope within some specific parts of Bangladesh (Pabna and Chuadanga) and analyze the issues from users, bank managers and agents of this field during doing the work. We also cite out the best service offered to both users and agents by different mobile banking agencies, based on some Artificial Intelligence (AI) and machine learning techniques and also a comparison is also shown among different techniques. Moreover, an android application is also developed to show the su...

International Journal of Computing, 2021

SMS banking still becomes a popular way to make transaction inquiry in Indonesia. The technology protocol used by the service provider is still not secure. The majority of local banks in Indonesia still use non-secure SMS protocols standard. Therefore, an SMS Banking protocol, providing information security service in the transactional message, is urgently in need. Information security can be achieved through some security mechanisms, i.e., encipherment, digital signature, data integrity, and key exchange. These mechanisms are applicable through the implementation of cryptography. SMS Banking security protocol in this research runs through two steps. The first step is the transmission of the transaction request, and the second step is the transaction process. The encipherment is conducted using 3DES symmetric cryptography. Digital signature and data integrity are conducted using ECDSA asymmetric cryptography. The key exchange is conducted using ECDH. The test result showed that the ...

2017

The wide technologies enable people to connect and do the task wherever they are. The way people communicate and interact with others within their social circle has changed a lot with the evolution of internet. Today, rapid development in technology especially involving using of smartphone and tablet make the activities more easier and convenience in delivering the information. All parties especially financial institution today wants to give the best services to the customer and the competitive among banking sector keep rising day to day. The effective and efficient strategies management needs develop to face all the challenges. Since, mobile phone is one of the gadgets that all people use it in daily life so this is the opportunity for financial institutions to introduce mobile banking services. Regarding from that, most financial institution take initiative to provide variety facilities and bank transaction services to the customers just by using their fingertips anywhere and anyt...

ATM cards and systems have changed the lives of people. Now they have access to money all round the clock. This ease of access to money has brought forth a serious problem as well. There has been an increase in the amount of credit card frauds caused due to impersonating as the owner of the card in shops and also obtaining the PIN (Personal Identification Number) of the customer through some illegal means. The system proposed here ensures that only the authorized user can do any kind of banking transactions both in ATMs and in shops. The customers must initiate a transaction request from their mobile phones using the SMS (Short Message Service) feature that is present in all mobile phones. The customer sends a message to the bank server before he actually performs an actual banking transaction. After that he will approach either an ATM system or a shop that accepts card payments. The transaction request is sent to the bank server and hence authenticated.

 Abstract—This paper presents the design and implementation of Short Message Service (SMS) banking system. SMS banking is a technology – enabled service offered by banks to its customers, permitting them to operate banking services over their mobile phones using SMS messaging. The system was designs to eliminate the problems associated with other baking systems like queuing up to; check account balance, recharge mobile phone, obtain basic information regarding one's account, etc. To solve these problems, the project made use of a computer system running on visual basic (6.0) and General Packet Radio Service (GPRS) as its main components to develop a new technology in baking system that allows one to request and receive information to his / her mobile phone via Short Message Service (SMS), carry other baking activities " remotely " without being present at the bank. After the design, the system was used to carry out some transactions like; account balance enquiry, fund deposit / transfer, mobile phone recharge and the performance was satisfactory. At the end one can say that the (SMS) baking system is a wonderful breakthrough in banking industry developed to eliminate the inconvenience associated with other banking systems. Index Terms—automatic teller machine (ATM), electronic Banking (E-banking), general packet radio service (GPRS), global system mobile (GSM), short message service (SMS).

Journal of Applied Economics and Business Studies, 2017

Around the globe, various initiatives use the mobile phone to provide financial services to those without access to traditional banks. The current trend is that banks and telecommunication companies together are bringing the unbanked people under the financial umbrella through mobile banking. The aim of the current study is to find out the impact of mobile banking on various economic indicators of Pakistan. For this purpose, the current research was conducted in two phases; in the first phase, primary data were collected through a well-structured interview schedule from the users of mobile banking. In the second phase, primary data were collected through structured interviews from the mobile industry financial experts. This study found that mobile banking brings economic benefits for individuals, companies and countries. These economic benefits lead to bigger economic effects such as an increase in GDP growth, more foreign direct investment, remittances, increase in government’s tax...

International Journal of Science and Business , 2020

With the rapid improvements of technology worldwide, systems are getting modernized and digitalized. Traditional and time-consuming systems are replaced by efficient computerized, time-saving ones. Human Computer Interaction (HCI) based approaches are paving the way for many of these efficient models and systems, making users' life easier day by day. One of the most ancient and impactful economic systems is Banking. We also cite out some security issues regarding the transactions using mobile banking. We confine our scope within some specific parts of Bangladesh (Pabna and Chuadanga) and analyze the issues from users, bank managers and agents of this field during doing the work. We also cite out the best service offered to both users and agents by different mobile banking agencies, based on some Artificial Intelligence (AI) and machine learning techniques and also a comparison is also shown among different techniques. Moreover, an android application is also developed to show the summarization of the total work.

Through the rapid development of ICTs in Tanzania, banking industry has experienced rapid change in the ways of service delivery to their customers. The society has experienced a rapid development in communication sector particularly on the use of mobile phones for banking. The commercial banks in Tanzania have also revolved their ways of operating and serving their customers. The central bank of Tanzania (BoT) is responsible in defining all the payment systems in Tanzania and control all the transaction being done by the commercial banks operating in the land of Tanzania. Currently, Tanzania has many payment instruments as defined by the BoT which divided into two main group Cash and Non-Cash payments instruments. The latter includes: payment orders, bills of exchange, promissory notes, cheques and the electronic payment systems. In this paper, the security threats of these payment instruments have been discussed in detail. Some reported cases where organizations have been fleeced of their financial resources through dubious activities in Tanzania have been reviewed to verify the existing of the problem in discussion. In this paper, a Mobile phone based payment authentication system model to reduce the threats associated with non-cash payment implemented in Tanzania is proposed. Using this model, account holders are required to provide a final authentication of transaction through their registered mobile phone. This method if adopted will take care for any non-cash payment instruments. Also, some of the threats being discussed in this paper can be addressed by the proposed model.

Information, 2020

Smartphone technology has improved access to mobile money services (MMS) and successful mobile money deployment has brought massive benefits to the unbanked population in both rural and urban areas of Uganda. Despite its enormous benefits, embracing the usage and acceptance of mobile money has mostly been low due to security issues and challenges associated with the system. As a result, there is a need to carry out a survey to evaluate the key security issues associated with mobile money systems in Uganda. The study employed a descriptive research design, and stratified random sampling technique to group the population. Krejcie and Morgan’s formula was used to determine the sample size for the study. The collection of data was through the administration of structured questionnaires, where 741 were filled by registered mobile money (MM) users, 447 registered MM agents, and 52 mobile network operators’ (MNOs) IT ocers of the mobile money service providers (MMSPs) in Uganda. The collected data were analyzed using RStudio software. Statistical techniques like descriptive analysis and Pearson Chi-Square test was used in data analysis and mean (M) > 3.0 and p-value < 0.05 were considered statistically significant. The findings revealed that the key security issues are identity theft, authentication attack, phishing attack, vishing attack, SMiShing attack, personal identification number (PIN) sharing, and agent-driven fraud. Based on these findings, the use of better access controls, customer awareness campaigns, agent training on acceptable practices, strict measures against fraudsters, high-value transaction monitoring by the service providers, developing a comprehensive legal document to run mobile money service, were some of the proposed mitigation measures. This study, therefore, provides a baseline survey to help MNO and the government that would wish to implement secure mobile money systems.

International Journal of Computer Networks and Communications Security, 2013

Today, mobile commerce or m-commerce has been considered by many companies, business, and organizations. In mobile commerce, information security of financial transactions is very important. It is due to account information which exchanged including account number, password, credit accounts, etc. and the disclosure of this information will cause a lot of financial and moral losses. For this reason, it should be used algorithms for them to make and increase secure transactions. Among these algorithms, WAP, J2ME, Toolkit SIM applications are identified and described in this article based on a systematic review. In addition, there are some recommendations regarding to suit different situations to implement a particular algorithm for this issue. More results are subsequently explained in this paper. Keywords: Algorithms, security, mobile, mobile device.

Globally, various initiatives use the mobile phone to provide financial services to those with or without access to traditional banks. This paper outlined vividly the use of mobile phone in the banking industry, its economic implications, and in general a systematic look into the various forms of mobile banking with emphasis on the security measures that makes the whole process safe for adoption. The emergence of mobile banking technology systems has implications for the general discussions about mobile telephony in the developing world. Existing theory about the significance of mobile communications in the developing world has focused on voice and text messaging. Moreso, the emergence of mobile banking also underscores how, occasionally, innovations emerge from unexpected places and have the capability of reconfiguring the significance of a technology to its users, offering a way to lower the costs of moving money from place to place and opening a way to bring more users into contact with formal financial systems.

IKT 2013 - 2013 5th Conference on Information and Knowledge Technology, 2013

Mobile phones are very popular due to small size, low weight, ease of use and increasing improvements in software and hardware. This popularity has caused a significant increase in the application of services via mobile phones since they are almost always available everywhere. One such service is mobile banking. When we talk about banking, financial issues and monetary transactions are discussed and obviously security is an integral part of it. One method is using SMS in mobile banking. In this paper we consider the challenges of using SMS-based mobile banking and finally, by using the parameters of GSM network positioning system we propose a novel protocol for encrypting SMS in mobile banking.

IOP, 2020

The traditional banking system, such as transactions over the counter using bank book is enhanced by adding the elements of electronic banking, where nowadays all transaction can be done over the network, because of globalization and the advancement of information and communication technology. However, significant threats to this technology also come in parallel, such as from banking frauds. This is why building trust among banking users by providing security mechanisms is very important. In the electronic banking, security mechanisms mainly focus on proving a secure environment for the online transaction, especially user authentication. Many researchers have been proposed various models for the online user access authentication for the banking industry. Most of the researches are based on traditional the form of username and password, but with the varying mechanism of password forms. For example, password in arbitrary value, password in arbitrary value through secured channel, as well as biometric like fingerprint recognition, voice recognition, or retina recognition. In this paper we reviewed the current existing user access for online banking based on mobile phone, the functions of the SIM card, the characteristics mobile of the SIM card are described. Cloning, a threat to the SIM card is also described. Findings show that all the security model for online user access contains password in the form of value, biometric, or PIN. Thus, none of the existing user access proposed the idea of the user access based on International Mobile Equipment Identity (IMEI) number to strength the security of the user access. The IMEI is a 15-or 17-digit code that uniquely identifies mobile phone sets.