Presentation is loading. Please wait.

Presentation is loading. Please wait.

Two Factor Authentication Using Mobile Phones. Abstract In our project security and authentication plays a major role. It can be mainly used in online.

Published byEaster McLaughlin Modified over 8 years ago

Similar presentations

Presentation on theme: "Two Factor Authentication Using Mobile Phones. Abstract In our project security and authentication plays a major role. It can be mainly used in online."— Presentation transcript:

1 Two Factor Authentication Using Mobile Phones

2 Abstract In our project security and authentication plays a major role. It can be mainly used in online banking or ATM machines. The mobile phone acts as a security token for authentication. The user login’s the ATM machine by scratching the card and entering the password. For providing more security separate token number is used for performing the banking operation like money withdrawal, checking the balance etc. This token number is generated using the SHA algorithm and XOR operation. The user mobile number, IMEI number, pin number and IMSI number were included to generate the token number. The token number is a six digit random number that were obtained from the included number. The token number is sent to the user mobile. This token number is given for accessing or performing the banking operations. The token number is generated for every interval of time. For more than three times if the user gives any invalid pin number the ATM card is blocked. In our project security and authentication plays a major role. It can be mainly used in online banking or ATM machines. The mobile phone acts as a security token for authentication. The user login’s the ATM machine by scratching the card and entering the password. For providing more security separate token number is used for performing the banking operation like money withdrawal, checking the balance etc. This token number is generated using the SHA algorithm and XOR operation. The user mobile number, IMEI number, pin number and IMSI number were included to generate the token number. The token number is a six digit random number that were obtained from the included number. The token number is sent to the user mobile. This token number is given for accessing or performing the banking operations. The token number is generated for every interval of time. For more than three times if the user gives any invalid pin number the ATM card is blocked.

3 Existing System In the existing system, only the scratch card and the pin number were considered for accessing the ATM machine. But in case of lost or theft of scratch card the account can be easily accessed by the unauthorized user. This is not secure and not reliable for account maintenance. In the existing system, only the scratch card and the pin number were considered for accessing the ATM machine. But in case of lost or theft of scratch card the account can be easily accessed by the unauthorized user. This is not secure and not reliable for account maintenance.

4 Proposed System In the proposed system, mobile phone is used for security and authentication. Here a token number is generated using the user mobile number, IMEI number, pin number and IMSI number. The SHA algorithm and XOR operation were used for the generation of token number. The generated token number is sent to the user mobile and only by entering the token number the user can access the ATM machine.

5 Modules  Login Module  Token Generation Module  SMS Module  ATM Process Module

6 System Architecture

7 DATA FLOW DIAGRAM Internal Data Flow

8 DATA FLOW DIAGRAM External Data Flow External Data Flow

9 Methodologies Step-1: New user account is created. Step-1: New user account is created. Step-2: Existing user is logged in by scratching the card and entering the pin number Step-2: Existing user is logged in by scratching the card and entering the pin number Step-3: The token number is generated. Step-3: The token number is generated. Step-4: The IMEI number, IMSI number, user name and pin number were considered for token number generation. Step-4: The IMEI number, IMSI number, user name and pin number were considered for token number generation. Step-5: The SHA256 algorithm is used for generating the Hash message. Step-5: The SHA256 algorithm is used for generating the Hash message. Step-6: This Hash message is taken and XOR operation is made. Step-6: This Hash message is taken and XOR operation is made. Step-7: Then the XOR-ed message was encoded using Base64 algorithm. Step-7: Then the XOR-ed message was encoded using Base64 algorithm. Step-8: From the encoded message a random six digit output is taken as token number. Step-8: From the encoded message a random six digit output is taken as token number. Step-9: The generated token number is sent to the account holder mobile number. Step-9: The generated token number is sent to the account holder mobile number. Step-10: With the help of the token number the user performs various operations like withdrawal, checking account balance etc. Step-10: With the help of the token number the user performs various operations like withdrawal, checking account balance etc.

10 Software & Hardware Requirements Software Requirements Software Requirements Java1.5 or More Java1.5 or More JSMS JSMS MS-SqlServer MS-SqlServer Hardware Requirements Hardware Requirements Hard disk:40 GB Hard disk:40 GB RAM :128mb RAM :128mb Processor:Pentium Processor:Pentium Mobile Phone With Data Cable Mobile Phone With Data Cable

11 References [1] A. Jøsang and G. Sanderud, “Security in Mobile Communications: Challenges and Opportunities,” in Proc. of the Australasian [1] A. Jøsang and G. Sanderud, “Security in Mobile Communications: Challenges and Opportunities,” in Proc. of the Australasian information security workshop conference on ACSW frontiers, 43-48, 2003. information security workshop conference on ACSW frontiers, 43-48, 2003. [2] Aladdin Secure SafeWord 2008. Available at http://www. securecomputing.com/index.cfm?skey=1713 [2] Aladdin Secure SafeWord 2008. Available at http://www. securecomputing.com/index.cfm?skey=1713http://www [3] A. Medrano, “Online Banking Security – Layers of Protection,” Available at http://ezinearticles.com/?Online- Banking-Security--- [3] A. Medrano, “Online Banking Security – Layers of Protection,” Available at http://ezinearticles.com/?Online- Banking-Security--- Layers-of-Protection&id=1353184 Layers-of-Protection&id=1353184 [4] B. Schneier, “Two-Factor Authentication: Too Little, Too Late,” in Inside Risks 178, Communications of the ACM, 48(4), April 2005. [4] B. Schneier, “Two-Factor Authentication: Too Little, Too Late,” in Inside Risks 178, Communications of the ACM, 48(4), April 2005. [5] D. Ilett, “US Bank Gives Two-Factor Authentication to Millions of Customers,” 2005. Available at http://www.silicon.com/ [5] D. Ilett, “US Bank Gives Two-Factor Authentication to Millions of Customers,” 2005. Available at http://www.silicon.com/ financialservices/0,3800010322,39153981,00.htm financialservices/0,3800010322,39153981,00.htm [6] D. de Borde, “Two-Factor Authentication,” Siemens Enterprise Communications UK- Security Solutions, 2008. Available at [6] D. de Borde, “Two-Factor Authentication,” Siemens Enterprise Communications UK- Security Solutions, 2008. Available at http://www.insight.co.uk/files/whitepapers/Twofactor%20authentication%20(White%20paper).pdf http://www.insight.co.uk/files/whitepapers/Twofactor%20authentication%20(White%20paper).pdf http://www.insight.co.uk/files/whitepapers/Twofactor%20authentication%20(White%20paper).pdf [7] A. Herzberg, “Payments and Banking with Mobile Personal Devices,” Communications of the ACM, 46(5), 53- 58, May 2003. [7] A. Herzberg, “Payments and Banking with Mobile Personal Devices,” Communications of the ACM, 46(5), 53- 58, May 2003. [8] J. Brainard, A. Juels, R. L. Rivest, M. Szydlo and M. Yung, “Fourth- Factor Authentication: Somebody You Know,” ACM CCS, 168-78. [8] J. Brainard, A. Juels, R. L. Rivest, M. Szydlo and M. Yung, “Fourth- Factor Authentication: Somebody You Know,” ACM CCS, 168-78. 2006. 2006. [9] NBD Online Token. Available at http://www.nbd.com/NBD/ NBD_CDA/CDA_Web_pages/Internet_Banking/nbdonline_topbanner [9] NBD Online Token. Available at http://www.nbd.com/NBD/ NBD_CDA/CDA_Web_pages/Internet_Banking/nbdonline_topbannerhttp://www.nbd.com/NBD/ [10] N. Mallat, M. Rossi, and V. Tuunainen, “Mobile Banking Services,” Communications of the ACM, 47(8), 42- 46, May 2004. [10] N. Mallat, M. Rossi, and V. Tuunainen, “Mobile Banking Services,” Communications of the ACM, 47(8), 42- 46, May 2004.

Download ppt "Two Factor Authentication Using Mobile Phones. Abstract In our project security and authentication plays a major role. It can be mainly used in online."

Similar presentations

GENERIC CONTROL OF ELECTRICAL ENVIRONMENT THROUGH A WEBPAGE - IT Acumens. COMIT Acumens. COM.

GENERIC CONTROL OF ELECTRICAL ENVIRONMENT THROUGH A WEBPAGE - IT Acumens. COMIT Acumens. COM.
Cloud Banking Services MBSP Mobile Banking Service Provider Welcome to:

Cloud Banking Services MBSP Mobile Banking Service Provider Welcome to:
What Are the Functions of ATM Machines?

What Are the Functions of ATM Machines?
McAfee One Time Password

McAfee One Time Password
Michal Bodlák. Referred to as mobile money, mobile money transfer, and mobile wallet generally refer to payment services operated under financial regulation.

Michal Bodlák. Referred to as mobile money, mobile money transfer, and mobile wallet generally refer to payment services operated under financial regulation.
M-PAYMENT SYSTEM (e–WALLET ).

M-PAYMENT SYSTEM (e–WALLET ).
Chapter 6 E-commerce Payment Systems. Traditional Payment Systems Cash Checking Transfers Credit Card Accounts Stored Value Accounts Accumulating Balance.

Chapter 6 E-commerce Payment Systems. Traditional Payment Systems Cash Checking Transfers Credit Card Accounts Stored Value Accounts Accumulating Balance.
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.

Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Debit Card Plastic card that looks like a credit card

Debit Card Plastic card that looks like a credit card
ATM Case Study A Discussion.

ATM Case Study A Discussion.
ATM with Biometric Technology

ATM with Biometric Technology
Sequence Diagrams. Introduction A Sequence diagram depicts the sequence of actions that occur in a system. The invocation of methods in each object, and.

Sequence Diagrams. Introduction A Sequence diagram depicts the sequence of actions that occur in a system. The invocation of methods in each object, and.
THE BLACKBERRY® CREDIT CARD CLEARING SOLUTION. eMERIT is a BlackBerry®-based solution that provides a live, 24/7, UK credit card processing solution through.

THE BLACKBERRY® CREDIT CARD CLEARING SOLUTION. eMERIT is a BlackBerry®-based solution that provides a live, 24/7, UK credit card processing solution through.
Federated Authentication mechanism for mobile services Dasun Weerasinghe, Saritha Arunkumar, M Rajarajan, Veselin Rakocevic Mobile Networks Research Group.

Federated Authentication mechanism for mobile services Dasun Weerasinghe, Saritha Arunkumar, M Rajarajan, Veselin Rakocevic Mobile Networks Research Group.
CertAnon A Proposal for an Anonymous WAN Authentication Service David Mirra CS410 January 30, 2007.

CertAnon A Proposal for an Anonymous WAN Authentication Service David Mirra CS410 January 30, 2007.
Multi-Factor Authentication Added protection for a more secure you Presenter: Jeff Penn.

Multi-Factor Authentication Added protection for a more secure you Presenter: Jeff Penn.
Data Flow Diagram Notations

Data Flow Diagram Notations
Large-Scale, Cost-Effective, Progressive Authentication and Identify Management Solutions Enabling Security, Efficiency and Collaboration through Technology.

Large-Scale, Cost-Effective, Progressive Authentication and Identify Management Solutions Enabling Security, Efficiency and Collaboration through Technology.

Similar presentations

Ads by Google