Download presentation
Presentation is loading. Please wait.
Published byAvice Stone Modified over 9 years ago
1
Usably Secure, Low-Cost Authentication for Mobile Banking Saurabh Gupta Sandeep Kumar Gupta
2
Need For Mobile Banking People need money on the run. Banks provide security, interest.
3
Use Cases – Buying Something
4
Use Case - Depositing Money
5
Use Case – Withdrawing Money
6
What Security ?
7
How is it secured on Mars ? Application level encryption Typically have an application implementing the favorite encryption scheme. Provides end to end encryption. Possible because Can ask people to install and use them. Phones are powerful enough to run them.
8
Challenges on Earth Fundamentally, GSM channel is weakly encrypted. Can not rely on network layer encryption. Need for end to end encryption Can not install applications on user ends.
9
Mobile Banking In General o Cell Phone o 2 factor authentication o 4 digit pin o A codebook with synchronized security tokens.
10
Old Scheme New Scheme Overview of 2 schemes Both use 2 factor authentication schemes.
11
Question: Impersonator? 1. 2. 3. Security Analysis 4 different types of attacks considered. Pin Recovery Type 0: Impersonator gets phone Type 1: Impersonator gets phone and codebook Type 2: Impersonator gets phone and PIN
12
Security Analysis Pin Recovery Type 0: Impersonator gets phone Type 1: Impersonator gets phone and codebook Type 2: Impersonator gets phone and PIN
13
User Study Ethnography 15 people from Delhi 19 people from Bihar Composition 8 agents 13 existing users 13 potential users Tasks Plain PIN entry EKO signature formulation New signature formulation
14
Parameters Recorded
15
Results
16
Results
17
Results
18
Discussion Effect of increased cognitive effort. Effect of entering only 4 digits instead of 10. Statistical significance of results
19
User Case Studies What is required to validate your claim? from the perspective of paper publishing? o Novelty of the idea. o Quick papers for promotion. for proving soundly? o Acceptability of the idea.
20
Parameters studied in this paper: 1. 2. Parameters that should have been studied: 1. 2.
21
Solutions: Submit an idea, verify later? Get in touch with right kind of people to do social case studies; sociologists? Questions: End product derived from user interaction?
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.