One-touch Financial Transaction Authentication
نویسندگان
چکیده
We present a design for a Wi-Fi user-authentication token that tunnels data through the SSID field, packet timing, and packet length. Previous attempts to build an online-banking transaction-signing token have been only moderately successful, due in large part to usability problems. Average consumers, especially in the United States, are simply unwilling to transcribe strings of digits from PC to token and back again. In a departure from previous work, our token communicates using point-to-point side-channels in Wi-Fi that allow two devices to directly exchange messages – even if one is also connected to an access point. The result is a token that can authenticate transactions using only one touch by the user. The increased usability means more transactions can be authenticated, reducing fraud and driving more banking business online.
منابع مشابه
A Need for Peer-to-peer Strong Local Authentication Protocol (p2pslap) in Mobile Banking
Mobile phones are considered to be the most common devices in history of humankind. They have involved in financial transaction such as mobile banking and mobile payment, which include sensitive information. Public key cryptography is the proven solution that can provide secure transaction at every point of interaction in mobile banking value chain. This paper proposes a need for peer-to-peer S...
متن کاملBiometric Transaction Authentication Protocol: Formal Model Verification and "Four-Eyes" Principle Extension
The BTA protocol for biometric authentication of online banking transactions is extended to allow for multiple person authenticated transactions. In addition a formal specification is given, the protocol is modelled in the applied pi calculus and the security properties of data and person authentication as well as non-repudiation are verified using the tool ProVerif.
متن کاملEnhanced Security for Preventing Man-in-the-Middle Attacks in Authentication, Data Entry and Transaction Verification
There is increasing coverage in the literature highlighting threats to online financial systems. Attacks range from the prevalent reverse social engineering technique known as phishing; where spam emails are sent to customers with links to fake websites, to Trojans that monitor a customer’s account log on process that captures authentication details that are later replayed for financial gain. T...
متن کاملEvaluation of transaction authentication methods for online banking
Authentication is a major research topic in the information security field. Much has been written about assessing entity (user) authentication methods, but there is a lack of literature concerning the evaluation of financial transaction authentication in online banking. Entity authentication methods have been systematized by quantifying their qualitative aspects, but there is no evaluation mech...
متن کاملA Multifactor Secure Authentication System For Wireless Payment
Organizations are deploying wireless based online payment applications to expand their business globally, it increases the growing need of regulatory requirements for the protection of confidential data, and especially in internet based financial areas. Existing internet based authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of t...
متن کامل