
Mutual Authentication Application

Two way authentic

Uploaded by

oalakhly

Osama anwer ahmed saeed

Cybersecurity 3

Applications That Use Mutual Authentication


Introduction

Mutual authentication is a security mechanism that ensures both parties involved in a
communication are who they claim to be. This process involves verifying the identities of both
the sender and the receiver before allowing data exchange.

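The two-way check described above, as an added example that is not part of the original document: a pre-shared-key challenge-response in which the server proves its identity first and the client releases its own proof only after verifying it. It is a general illustration, not Kerberos or any other protocol named on this page; the class names, message layout, identifiers and key are assumptions made for the example.

```python
import hashlib, hmac, secrets
# Added example: names and message layout are assumptions, not from the page.

def proof(key, role, client_id, server_id, n_c, n_s):
    """HMAC over length-prefixed fields; the role label stops a proof being reflected."""
    fields = (role, client_id, server_id, n_c, n_s)
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Server:
    def __init__(self, server_id, keys):
        self.id, self.keys, self.pending = server_id, keys, {}

    def challenge(self, client_id, n_c):
        """Message 2: prove the server's identity and challenge the client."""
        key = self.keys.get(client_id)
        if key is None:
            return None  # unknown client: no proof, no challenge
        n_s = secrets.token_bytes(16)
        self.pending[client_id] = (n_c, n_s)
        return n_s, proof(key, b"server", client_id, self.id, n_c, n_s)

    def verify_client(self, client_id, tag):
        nonces = self.pending.pop(client_id, None)  # each challenge is single-use
        if nonces is None:
            return False
        want = proof(self.keys[client_id], b"client", client_id, self.id, *nonces)
        return hmac.compare_digest(want, tag)

class Client:
    def __init__(self, client_id, server_id, key):
        self.id, self.server_id, self.key = client_id, server_id, key

    def hello(self):
        self.n_c = secrets.token_bytes(16)  # Message 1: identity plus a fresh nonce
        return self.id, self.n_c

    def answer(self, n_s, server_tag):
        """Verify the server first; only then release the client's proof (message 3)."""
        want = proof(self.key, b"server", self.id, self.server_id, self.n_c, n_s)
        if not hmac.compare_digest(want, server_tag):
            return None
        return proof(self.key, b"client", self.id, self.server_id, self.n_c, n_s)

def handshake(client, server):
    """True only when both sides verified each other."""
    reply = server.challenge(*client.hello())
    tag = client.answer(*reply) if reply else None
    return tag is not None and server.verify_client(client.id, tag)
```
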
Common Use Cases
2.1 Online Banking: Protects customers from unauthorized access to their accounts and
prevents fraudulent transactions.

2.2 E-commerce: Ensures secure online shopping experiences and protects customer
payment information.

2.3 VPN Connections: Verifies the identity of clients connecting to a virtual private network,
preventing unauthorized access to sensitive corporate resources.

2.4 Wireless Networks: Secures wireless connections by requiring both the client and the
access point to authenticate each other.

2.5 Single Sign-On: Allows users to log in to multiple applications with a single set of
credentials, while ensuring that only authorized users can access each application.

Mutual Authentication Protocols


• Kerberos: A widely used network authentication protocol developed by MIT. It uses
symmetric encryption to protect communication between clients and servers.
• X.509: A standard for digital certificates used to verify the identity of individuals and
organizations. It is commonly used in HTTPS and other secure communication
protocols.
• OAuth: An authorization framework that allows users to grant third-party applications
access to their data without sharing their credentials.

Authentication Mechanisms
• Password-Based Authentication: The most common method, requiring users to
provide a username and password. However, it is susceptible to password cracking and
phishing attacks.
• Token-Based Authentication: Involves the use of security tokens, such as hardware
tokens or software-generated codes, to verify identity. These tokens often provide a
higher level of security than password-based authentication.
• Biometric Authentication: Uses physical characteristics, such as fingerprints, facial
recognition, or voice recognition, to verify identity. Biometric authentication is generally
considered more secure than password-based methods.
• Certificate-Based Authentication: Uses digital certificates issued by trusted
authorities to verify the identity of parties involved. This method is commonly used in
secure communication protocols like HTTPS.
Card Networks as Online Banking
• VISA
• Mastercard

"VISA, Mastercard, and American Express act as card networks for the clearing and settling of
funds. The card acquiring bank and the card issuing bank can be – and often are – different. If
banks were to settle transactions one by one without an intermediary, each bank would have to
settle the transactions with all the other banks. This is quite inefficient."

Authorization flow happens when the customer swipes the credit card.

Authorization Flow (Customer receives approval in real time)
• Step 0: The card issuing bank issues credit cards to its customers.
• Step 1: The cardholder wants to buy a product and swipes the credit card at the Point of
Sale (POS) terminal in the merchant’s shop.
• Step 2: The POS terminal sends the transaction to the acquiring bank, which has
provided the POS terminal.
• Steps 3 and 4: The acquiring bank sends the transaction to the card network, also called
the card scheme. The card network sends the transaction to the issuing bank for
approval.
• Steps 4.1, 4.2 and 4.3: The issuing bank freezes the money if the transaction is
approved.
Capture and settlement flow happens when the merchant wants to get the money at the end of the
day.

Capture and Settlement Flow (Merchant receives money at end-of-day)


• Steps 1 and 2: The merchant wants to collect the money at the end of the day, so they
hit "capture" on the POS terminal. The transactions are sent to the acquirer in batch.
The acquirer sends the batch file with transactions to the card network.
• Step 3: The card network performs clearing for the transactions collected from different
acquirers, and sends the clearing files to different issuing banks.
• Step 4: The issuing banks confirm the correctness of the clearing files, and transfer
money to the relevant acquiring banks.
• Step 5: The acquiring bank then transfers money to the merchant’s bank.
• Step 4: The card network clears the transactions from different acquiring banks. Clearing
is a process in which mutual offset transactions are netted, so the number of total
transactions is reduced.

"In the process, the card network takes on the burden of talking to each bank and receives
service fees in return."
