Comparative Study and evolution of Mobile Banking Security Solutions and Comparision between Various Solutions
DOI:
https://doi.org/10.26438/ijcse/v7i8.227232Keywords:
NFC, TSM, WAP, PKI, GSM, GPRS, SIM, SMS, Mobile PKI, Wireless PKI, Lightweight PKIAbstract
Due to the rapidly increasing use of mobile phones, it is essential to provide a secure solution for mobile phones; with the evolution of mobile commerce, it is obvious to provide a secure and efficient solution for the mobile environment. Day by day usages of mobile devices is huge and consumers are getting familiar with the various purposes of devices such as mobile banking. This paper focuses and describes various types of mobile banking methods and their possible security solutions. In the first part mobile banking solutions using contactless technology – Near Field Communication (NFC) is discussed with its limitations in terms of security. In addition, we also address the security weaknesses of Wireless Application Protocol (WAP) and Wireless Transport Layer Security (WTLS). To overcome the above mention weaknesses, in the second part different solutions of mobile banking with Public Key Infrastructure such as MPKI, WPKI, ECC, LPKI are discussed with its limitations and possible solutions to overcome the limitations.
References
[1] Venessa Pegueros : “Security of mobile banking and payments” : GIAC (GSEC) Gold certificate, 2012.
[2] S. Schwiderski- Grosch and H. Knopse : “ Secure Mobile commerce”, Electronic And communication engineering journal , Vol. 14, Issue 5, pp-228-238,2002.
[3] Nikolaos Zacharopoulos, An ISACA Emerging Technology White paper: “Mobile Payments, risks Security and assurance issues”, November 2011.
[4] Balachandra Muniyal,Krishna Prakash, Shashank Sharma : “wireless public key infrastructure for mobile phones”: International Journal of Network Security & Its Applications (IJNSA), Vol.4, No.6, pp. 111-118, 2012.
[5] Yong lee, Jaeil Lee, JooSeok Song, "Design and Implementation of wireless PKI technology suitable for mobile phone in mobile commerce”,Science Direct, Computer communication 30, pp.893-902, 2007.
[6] Sangram Ray, G. P. Biswas, “design of mobile public key infrastructure (m-PKI) using elliptic curve cryptography”, International Journal on Cryptography and Information Security (IJCIS), Vol.3, No.1, pp. 25-37, 2013.
[7] Ke Gu,Na Wu,Yongzhi Liu,Fei Yu and Bo Yin : “WPKI Certificate Verification Scheme Based on Certificate Digest Signature-Online Certificate Status Protocol” :Mathematical Problems in Engineering, Volume 2018, Article ID 7379364, 19 pages.
[8] M. Toorani and A. Beheshti, "LPKI - A lightweight public key Infrastructure for the mobile environments," 11th IEEE Singapore International Conference on Communication Systems, Guangzhou, , pp. 162-166, 2008.
[9] Y. Zheng : “Digital signcryption or how to achieve Cost (Signature & Encryption) << Cost (Signature) + Cost (Encryption),” Advances in Cryptology–CRYPTO`97, LNCS 1294, Springer-Verlag, pp.165-179, 1997.
[10] K. Zeilenga,“Lightweight Directory Access Protocol (LDAP): Schema Definitions for X.509 Certificates”, RFC 4523, 2006.
[11] H. Krawczyk : “HMQV: A high-performance secure Diffie-Hellman protocol (Extended Abstract)” : Advances in Cryptology – CRYPTO`05, LNCS 3621, Springer-Verlag, pp.546-566, 2005.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.
