CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

Secure Android-based Mobile Banking Scheme

by Hisham Sarhan, Ahmed A. Hafez, A.safwat, A.a. Hegazy
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 118 - Number 12
Year of Publication: 2015
Authors: Hisham Sarhan, Ahmed A. Hafez, A.safwat, A.a. Hegazy
10.5120/20797-3460

Hisham Sarhan, Ahmed A. Hafez, A.safwat, A.a. Hegazy . Secure Android-based Mobile Banking Scheme. International Journal of Computer Applications. 118, 12 ( May 2015), 21-26. DOI=10.5120/20797-3460

@article{ 10.5120/20797-3460,
author = { Hisham Sarhan, Ahmed A. Hafez, A.safwat, A.a. Hegazy },
title = { Secure Android-based Mobile Banking Scheme },
journal = { International Journal of Computer Applications },
issue_date = { May 2015 },
volume = { 118 },
number = { 12 },
month = { May },
year = { 2015 },
issn = { 0975-8887 },
pages = { 21-26 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume118/number12/20797-3460/ },
doi = { 10.5120/20797-3460 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:01:30.301681+05:30
%A Hisham Sarhan
%A Ahmed A. Hafez
%A A.safwat
%A A.a. Hegazy
%T Secure Android-based Mobile Banking Scheme
%J International Journal of Computer Applications
%@ 0975-8887
%V 118
%N 12
%P 21-26
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Smartphones and other mobile computing devices are being widely adopted globally [1]. The increasing popularity of smart devices has led users to perform all their day to day activities using these devices [2]. Hence, M-banking has become more convenient, effective and reliable [3]. It is extremely necessary to provide the security services including; confidentiality, integrity, and authentication between the financial institutions' servers and the mobile device used by the customer, as their communications are through unsecured networks such as the Internet [4]. Users' confidential information may be at risk due to fixed values-based security schemes, one level authentication, separate hard token-based authentication, hardware stealing, and Android-Based attacks. This paper specifies a comprehensive sought of how M-banking schemes can be assessed. Also it introduces a solution to mitigate most of these risks.

References
  1. Adam Skillen and Mohammad Mannan "Mobiflage: Deniable Storage Encryption for Mobile Devices", IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 11, NO. 3, MAY-JUNE 2014.
  2. Yuksel, Zaim, and, Aydin, "A Comprehensive Analysis of Android Security and Proposed Solutions" I. J. Computer Network and Information Security, 2014, 12, 9-20.
  3. Chang and Deng, "Secure OTP and Biometric Verification Scheme for Mobile Banking", 2012 Third FTRA International Conference on Mobile, Ubiquitous, and Intelligent Computing.
  4. Majda, and Eihab, "Enhanced Model for PKI Certificate Validation in the Mobile Banking", 2013, international conference on Computing, Electrical and Electronic engineering (ICCEEE).
  5. Narendiran, Rajendran and Albert, "PUBLIC KEY INFRASTRUCTURE FOR MOBILE BANKING SECURITY".
  6. Cooper, Santesson, Farrell, Boeyen, Housley, Polk . 2008. "Internet X. 509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile" RFC 5280.
  7. Miriam, Ben-Av, and, Gerdov, "StoreDroid: Sensor-Based Data Protection Framework for Android", Wireless Communications and Mobile Computing Conference (IWCMC), pages 511 – 517, Aug-2014.
  8. https://source. android. com/devices/tech/security/index. html.
  9. https://developer. android. com/reference/android/Manifest.
  10. https://developer. android. com/reference/android/Manifest. Permission. html.
  11. A Shabtai, Fledel, and Elovici. ," Securing android-powered mobile devices using selinux", Ben-Gurion University. IEEE computer and reliability society, pages 36–44, May 2010.
  12. Mohammad Nauman, Sohail Khan, and Xinwen Zhang, "Apex: Extending android permission model and enforcement with user-defined runtime constraints", In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS '10, pages 328–332, New York, NY, USA, 2010.
  13. Analysis for Vetting Undesirable" IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 9, NO. 11, NOVEMBER 2014.
  14. Jinseong, Micinski, Jeffrey, Nikhilesh, Foster, Fogel, and Millstein, "Dr. Android and Mr. Hide: Fine-grained Permissions in Android Applications", SPSM'12, October 19, 2012, Raleigh, North Carolina, USA.
  15. Backes, Gerling Hammer, and Styp-Rekowsky, "AppGuard - Enforcing User Requirements on Android Apps A "Saarland University, Saarbrücken, Germany.
  16. Amol Bhatnagar, Shekhar Tanwar, and R. Manjula, "Secure Multiple Bank Transaction Log", Inter. Journal of Research in Eng. And Technology IJRET, Apr-2014.
  17. Sangram Ray and G. P. Biswas, "Design of Mobile Public Key Infrastructure (M-PKI) using Elliptic Curve Cryptography", Int. Journal on Crypt. And information security (IJCIS), Vol. 3, No. 1, March2013.
  18. Chang-Lung Tsai Chun-Jung Chen and Deng-Jie Zhuang, " Secure OTP and Biometric Verification Scheme for Mobile Banking", Third FTRA international conference on mobile, Ubiquitous and intelligent computing,2012.
  19. Hao Zhao and Sead Muftic, "Design and Implementation of a Mobile Transactions Client System : Secure UICC Mobile Wallet", IJISR, International Journal for information security research , Volume 1 , issue 3 , Sep. 2011.
  20. Adam Skillen and Mohamed Mannan, "Mobiflage: Deniable Storage Encryption for Mobile Devices", IEEE, Transaction on dependable and secure computing, Vol11, No. 3, May-June 2014.
  21. Morris Dworkin, "Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices", NIST Special Publication 800-38E, January- 2010.
  22. I. G. Torrego 2009 Study of the IEEE Standard 1619. 1: Authenticated Encryption with Length Expansion for Storage Devices. Master of Science in Communication Technology, Norwegian University of Science and Technology Department of Telematics.
Index Terms

Computer Science
Information Sciences

Keywords

Dynamic Initialization vector Overlaid AES modes Multi-Layer Authentication Variable keys

Powered by PhDFocusTM