CFP last date
20 January 2025
Reseach Article

Improving Mobile Money Security with Two-Factor Authentication

by Adam B. Mtaho
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 109 - Number 7
Year of Publication: 2015
Authors: Adam B. Mtaho
10.5120/19198-0826

Adam B. Mtaho . Improving Mobile Money Security with Two-Factor Authentication. International Journal of Computer Applications. 109, 7 ( January 2015), 9-15. DOI=10.5120/19198-0826

@article{ 10.5120/19198-0826,
author = { Adam B. Mtaho },
title = { Improving Mobile Money Security with Two-Factor Authentication },
journal = { International Journal of Computer Applications },
issue_date = { January 2015 },
volume = { 109 },
number = { 7 },
month = { January },
year = { 2015 },
issn = { 0975-8887 },
pages = { 9-15 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume109/number7/19198-0826/ },
doi = { 10.5120/19198-0826 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:44:08.335905+05:30
%A Adam B. Mtaho
%T Improving Mobile Money Security with Two-Factor Authentication
%J International Journal of Computer Applications
%@ 0975-8887
%V 109
%N 7
%P 9-15
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Security is a leading factor for establishing and maintaining customer trust in mobile money services (MMSs). MMSs in Tanzania rely on the use of Personal Identification Number (PIN) as an authentication method. However, a PIN can be easily guessed, forged or misused. This paper explores security challenges in MMSs and weaknesses associated with the current Mobile Money Authentication (MMA) method. Further, the study proposes the use of two-factor authentication model as an alternative method. The proposed model combines the current approach of using PIN and adds another layer of security that uses fingerprint recognition technology. Evaluation of the proposed model shows that it mitigates security vulnerabilities that exist in the current MMA method.

References
  1. Gilman, Lara and Joyce, Michael. Managing the Risk of Fraud in Mobile Money. GSMA: Mobile Money for Unbanked (MMU). 2012.
  2. Chong, M. K. , Security of Mobile Banking: Secure SMS banking. Data Network Architectures Group. University of Cape Town, South Africa, 2006.
  3. Alex Dobie. How to Tell If Your Samsung Phone is Vulnerable to Today's USSD Hack. Android Central, Retrieved 20 September 2014.
  4. ITU. The Mobile Money Revolution Part 2: Financial Inclusion Enabler. ITU-T Technology Watch Report. May 2013.
  5. Janagoudar Sanganagouda. USSD: A Communication Technology to Potentially Oust SMS Dependecy. Aricent. September 2011.
  6. Gunnar Camner, Caroline Pulver and Emil Sjöblom. What Makes a Successful Mobile Money Implementation? Learnings from M-PESA in Kenya and Tanzania. GSMA.
  7. Vanja Svajcer. Not Just for PCs Anymore: The Rise ofMobile Malware. Sophos. 2014.
  8. Chuanxiong Guo, Helen J. Wang and Wenwu Zhu. Smart-Phone Attacks and Defenses. In: Proceedings of the 3rd Workshop on Hot Topics in Networks (HotNets). November, 2004.
  9. Robert Richardson. CSI Computer Crime and Security Survey. 2008.
  10. Smartphone: Information security risks, opportunities and recommendations for users, ENISA Report (December 2010).
  11. A. Basigie Mtaho and L. Mselle . International journal of Computer Science & Network Solutions. The electronic version of Securing Mobile Money Services in Tanzania: A Case of Vodacom M-Pesa, IJCSNS vol. 2, issue 5, 2014.
  12. Joseck Luminzu Mudiri. Fraud in Mobile Financial Services. Microsave, 2013.
  13. Joseph Bonneau, SorenPreibusch, Ross Anderson. A birthday presents every eleven wallets? The security of customer-chosen banking PINs. Lecture Notes in Computer Science Volume 7397, 2012, pp. 25-40.
  14. Harold F. Tipton, CISSP, Micki Krause. Information Security Management Handbook, Fifth Edition, CRC Press LLC, 2004.
  15. Intermedia. Tanzania Mobile Money Tracker Study: Wave 4 Report, InterMedia. March 2013.
  16. Harris, A, Goodman, S, &Traynor, P 2013, Privacy and security concerns associated with mobile money applications in Africa, 8 Washington Journal of Law, & Arts 245 (2013).
  17. Mangala Belkhede, Veena Gulhane, Dr. Preeti Bajaj. Biometric Mechanism for enhanced Security of Online Transaction on Android system: A Design Approach. 14th International Conference on Advanced Communication Technology (ICACT), pp. 1193 – 1197, 2012.
  18. Jyotsana Goyal and Dinesh Goyal. Design of Improved Algorithm for Mobile Payments Using Biometrics. International Journal of Research in Engineering & Advanced Technology, Volume 1, Issue 6, Dec – January 2014.
  19. Pawandeep Singh Aujla and HarneetArora. A Secure Account based Mobile Payment Protocol with Public Key Cryptography and Biometric Characteristics. International Journal of Science and Research (IJSR), India, Online ISSN: 2319?7064, March 2013.
  20. Karen Scarfone MurugiahSouppaya. Guide to Enterprise Password Management. 2009.
  21. F. Aloul, S. Zahidi, and W. El-Hajj. Two Factor Authentication Using Mobile Phones. IEEE International Conference on Computer Systems and Applications (AICCSA), Rabat, Morocco, 641-644, May 2009.
  22. Sagar Acharya, Apoorva Polawar, P. Y. Pawarn. Two Factor Authentication Using Smartphone Generated One Time Password. IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278 - 0661, p - ISSN: 2278 – 8727, Volume 11, Issue 2 (May - Jun. 2013), PP 85 – 90.
  23. Bauckman, Dena Terry, Nigel Paul Johnson, and David Joseph Robertson. "Multi-Factor Authentication. " U. S. Patent No. 20,130,055,368. 28 Feb. 2013.
  24. B. Schneier. Two-Factor Authentication: Too Little, Too Late. In Inside Risks 178, Communications of the ACM, 48(4), April 2005.
  25. T. Venkat NarayanaRao, Vedavathi K. Authentication Using Mobile Phone as a Security Token. International Journal of Computer Science Engineering and Technology (IJCSET). October, 2011, Vol 1, Issue 9, 569-574.
  26. Shon, T. -H. , & Swatman, P. M. C. Identifying effectiveness criteria for Internet payment systems. Internet Research, 8 (3), 202-218, 1998.
  27. Nadarajah Manivannan, Celalettin Tigli, Azad Noor, Shahzad Memon. Fingerprint Biometric for Identity management. International Journal of Industrial Engineering and Management (IJIEM), Vol. 2 No 2, pp. 39-44, 2011
Index Terms

Computer Science
Information Sciences

Keywords

Authentication Biometric Fingerprint Mobile Money Services PIN Two-Factor Authentication