Presentation is loading. Please wait.

Presentation is loading. Please wait.

Usably Secure, Low-Cost Authentication for Mobile Banking Saurabh Gupta Sandeep Kumar Gupta.

Published byAvice Stone Modified over 9 years ago

Similar presentations

Presentation on theme: "Usably Secure, Low-Cost Authentication for Mobile Banking Saurabh Gupta Sandeep Kumar Gupta."— Presentation transcript:

1 Usably Secure, Low-Cost Authentication for Mobile Banking Saurabh Gupta Sandeep Kumar Gupta

2 Need For Mobile Banking  People need money on the run.  Banks provide security, interest.

3 Use Cases – Buying Something

4 Use Case - Depositing Money

5 Use Case – Withdrawing Money

6 What Security ?

7 How is it secured on Mars ? Application level encryption  Typically have an application implementing the favorite encryption scheme.  Provides end to end encryption. Possible because  Can ask people to install and use them.  Phones are powerful enough to run them.

8 Challenges on Earth  Fundamentally, GSM channel is weakly encrypted.  Can not rely on network layer encryption.  Need for end to end encryption  Can not install applications on user ends.

9 Mobile Banking In General o Cell Phone o 2 factor authentication o 4 digit pin o A codebook with synchronized security tokens.

10 Old Scheme New Scheme Overview of 2 schemes  Both use 2 factor authentication schemes.

11 Question: Impersonator? 1. 2. 3. Security Analysis 4 different types of attacks considered. Pin Recovery Type 0: Impersonator gets phone Type 1: Impersonator gets phone and codebook Type 2: Impersonator gets phone and PIN

12 Security Analysis Pin Recovery Type 0: Impersonator gets phone Type 1: Impersonator gets phone and codebook Type 2: Impersonator gets phone and PIN

13 User Study  Ethnography  15 people from Delhi  19 people from Bihar  Composition  8 agents  13 existing users  13 potential users  Tasks  Plain PIN entry  EKO signature formulation  New signature formulation

14 Parameters Recorded

15 Results

16 Results

17 Results

18 Discussion  Effect of increased cognitive effort.  Effect of entering only 4 digits instead of 10.  Statistical significance of results

19 User Case Studies What is required to validate your claim? from the perspective of paper publishing? o Novelty of the idea. o Quick papers for promotion. for proving soundly? o Acceptability of the idea.

20 Parameters studied in this paper: 1. 2. Parameters that should have been studied: 1. 2.

21 Solutions: Submit an idea, verify later? Get in touch with right kind of people to do social case studies; sociologists? Questions: End product derived from user interaction?

Download ppt "Usably Secure, Low-Cost Authentication for Mobile Banking Saurabh Gupta Sandeep Kumar Gupta."

Similar presentations

Usably Secure, Low-Cost Authentication for Mobile Banking* Saurabh Panjwani, Ed Cutrell Microsoft Research India * Many thanks to Anupam Varghese (EKO.

Usably Secure, Low-Cost Authentication for Mobile Banking* Saurabh Panjwani, Ed Cutrell Microsoft Research India * Many thanks to Anupam Varghese (EKO.
Module: 201 Create and Manage Your Agent Account.

Module: 201 Create and Manage Your Agent Account.
Secure Mobile IP Communication

Secure Mobile IP Communication
AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.
NSFdeposit.com Telephone Checks. NSFdeposit.com Telephone Checks New Automated On-line Payment System One time sign-up; intelligent engine Unique file.

NSFdeposit.com Telephone Checks. NSFdeposit.com Telephone Checks New Automated On-line Payment System One time sign-up; intelligent engine Unique file.
Use Case & Use Case Diagram

Use Case & Use Case Diagram
Security of Mobile Banking

Security of Mobile Banking
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Extending ForeFront beyond the limit www.AGATSolutions.com TMGUAG ISAIAG AG Security Suite.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.
New Delhi, India, 14 March 2013 Innovating Cyber Defense Approaches to Combat Online Financial Fraud in Developing Economies Charles Iheagwara, Director,

New Delhi, India, 14 March 2013 Innovating Cyber Defense Approaches to Combat Online Financial Fraud in Developing Economies Charles Iheagwara, Director,
By Aidan Summerville.  The process inn which a person’s unique physical and other traits are detected and recorded by an electronic device or system.

By Aidan Summerville.  The process inn which a person’s unique physical and other traits are detected and recorded by an electronic device or system.
CMSC 414 Computer and Network Security Lecture 10 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 10 Jonathan Katz.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
CMSC 414 Computer and Network Security Lecture 15 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 15 Jonathan Katz.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Similar presentations

Ads by Google