Security of mobile banking

IKT 2013 - 2013 5th Conference on Information and Knowledge Technology, 2013

Mobile phones are very popular due to small size, low weight, ease of use and increasing improvements in software and hardware. This popularity has caused a significant increase in the application of services via mobile phones since they are almost always available everywhere. One such service is mobile banking. When we talk about banking, financial issues and monetary transactions are discussed and obviously security is an integral part of it. One method is using SMS in mobile banking. In this paper we consider the challenges of using SMS-based mobile banking and finally, by using the parameters of GSM network positioning system we propose a novel protocol for encrypting SMS in mobile banking.

International Journal of Interactive Mobile Technologies (iJIM), 2011

Due to the widespread use of computer technologies in almost all aspects of life, organisations that are connected to the Internet started extending their services to their customers to include new applications and services that satisfy their customersâ?? desires to make better businesses. One of these emerging applications is mobile banking. The term mobile banking (or m-banking) describes the banking services that the user can perform via a mobile device ubiquitously at anytime and from anywhere. In order for users to access their accounts, they need a mobile device and network connectivity. Therefore, sitting in front of a computer is not a requirement anymore; accessing accounts can occur while users are waiting their turn at the dentist clinic or relaxing at the beach! This paper explores the opportunities of using mobile technology in the electronic banking (e-banking) sector to enhance existing banking services by moving toward m-banking using mobile devices and wireless medi...

2011

Owing to huge success of mobile telecom in the world and especially in Pakistan, the new business avenues like branchless banking and mobile money transfers are offering lot of opportunities. This paper will introduce latest method used for transfer of money in Pakistan along with security analysis of two major branch less banking services as both of these services are using SMS massaging system of GSM as basic instrument to carry out their transactions. Comparison of currently available mobile banking and money transfer services is also presented in tabular form.

In mobile banking schemes; financial services are availed and banking services are provided using mobile devices. GSM services are greatly utilized for data transmission by the technologies used in conducting mobile transactions. In their operations; these technologies send data in plaintext. Financial service providers tend to rely on the security services provided by the GSM which has been proved to be susceptible to cryptanalytic attacks. The used algorithms for crypto mechanisms are flawed leaving data carried through the network vulnerable upon interception. Operators need to take precaution by enforcing some protective measures on the information to be transmitted. This paper describes an SMS based model designed with security features to enhance data protection across mobile networks. Features for data encryption, integrity, secure entry of security details on the phone, and improved security policies in the application server are incorporated. We address issues of data confidentiality, user authentication and message integrity in order to provide end-to-end security of data carried on GSM networks.

In mobile banking schemes, financial services are available. Bankingservices are provided using mobile devices. Mobile phones are used for data used in carrying out mobile transactions via mobile applications. This paper describes the security check processfor improving the authentication of mobile applications for mobile banking in a bank in Srilanka. The mobile banking in a bank in Sri Lankawill be used as case study. The application includes security features to enhance data protection across mobile networks. Features for data encryption, integrity, secure entry of security details on the phone and improved security policies in the application server are incorporated. Issuesof data confidentiality, user authentication, and message integrity in order to provide end-to-end security of data carried on mobile networks is ensured. In particular, this project specifies theinclusion of a biometric component in the security authentication process in mobile banking in Srilanka. This is in a bit to improve the security platform. The paper only presents the general architecture of the proposedmobile app model, which includes the biometric security component, towards subsequent implementation.

2012 Tenth International Conference on ICT and Knowledge Engineering, 2012

Mobile banking (m-banking) is considered to be one of the most important mobile commerce applications currently available. The ubiquitous access to data with no place restrictions helps to promote this technology. The security and privacy of sensitive financial data is one of the main concerns in acceptance of these systems in Australia. It is specifically important to secure the transmission of the financial data between the financial institutions' server and the mobile device used by consumers, as their communications are via unsecured networks such as the Internet. In this paper, a trust negotiation approach is proposed to address these security concerns. Trust negotiation is combined with the Transport Layer Security (TLS) as the underlying protocol. This combination of technology aims to maximize the existing security of m-banking applications. It results in significant improvements in security compared to the traditional identity-based only access control techniques. The proposed approach is implemented as a mobile application. It demonstrates that the developed application is easy to use and deploy in typical mobile environments.

Mobile payments have been implemented in a number of ways using different technical and business models. Most of the solutions operating with mobile phones use GSM. GSM standard is one of the most popular standards in mobile communications because of SMS technology. SMS provides low cost, easy to use Text Messaging for mobile communication systems and is highly applied to advertising, banking, news, updates, and etc. In this paper we focus on using safe and secure SMS in banking. SMS, by nature, sends and receives clear text, and therefore, is not safe. Consequently, SMS message needs to be encrypted from client to the server to guarantee a secure communication. In this paper we propose a new approach for this goal.

 Abstract—This paper presents the design and implementation of Short Message Service (SMS) banking system. SMS banking is a technology – enabled service offered by banks to its customers, permitting them to operate banking services over their mobile phones using SMS messaging. The system was designs to eliminate the problems associated with other baking systems like queuing up to; check account balance, recharge mobile phone, obtain basic information regarding one's account, etc. To solve these problems, the project made use of a computer system running on visual basic (6.0) and General Packet Radio Service (GPRS) as its main components to develop a new technology in baking system that allows one to request and receive information to his / her mobile phone via Short Message Service (SMS), carry other baking activities " remotely " without being present at the bank. After the design, the system was used to carry out some transactions like; account balance enquiry, fund deposit / transfer, mobile phone recharge and the performance was satisfactory. At the end one can say that the (SMS) baking system is a wonderful breakthrough in banking industry developed to eliminate the inconvenience associated with other banking systems. Index Terms—automatic teller machine (ATM), electronic Banking (E-banking), general packet radio service (GPRS), global system mobile (GSM), short message service (SMS).

Journal of Multimedia, 2008

Nowadays m-banking (mobile banking) is widely used in many banks. It has embarked upon supply of various services based on different systems and with the aid of various services such as the Short Message Service (SMS). However in developing countries such as Iran, m-banking is facing some challenges. One of these challenges is the issue of language of this system, because the main language of this system, in both side of bank system and customer mobile phone, is English. Also one of the main issues in m-banking services is the security of the systems. For solving the above problems, we proposed a method in this paper. By this method we send secure banking messages as well as Persian SMS for mobile phones even they are lacking the support of Persian language. In this method, the Persian SMS message is changed into an SMS picture message and this picture is sent to the customer. Therefore any mobile phone can receive the message correctly in Persian language and also the security of sending the message is increased. This project is written in J2ME language (Java 2 Micro Edition) and has been implemented on Nokia mobile phones, models N71, 6680 and 3310.

— Short Message Service (SMS) is a very popular and easy-to-use communication medium for mobile phone users. Using SMS mobile user send some confidential information such as password , account number , banking information in the form of text message from one mobile to another mobile,. The information send in plaintext format the hacker easily read this information and privacy will not be maintained. Nowadays SMS is used for many value added services as mobile banking and e-commerce but due to lack of security this application rarely used. For this purpose we provide a solution that provides end to end security of the message with authentication, confidentiality, integrity. Hence we present a secure model for SMS mobile banking services tailored to suit mobile cellular phone users.