Usably Secure, Low-Cost
Authentication for Mobile Banking
Saurabh Gupta
Sandeep Kumar Gupta
Need For Mobile Banking
• People need money on the run.
• Banks provide security, interest.

Use Cases – Buying Something
Use Case - Depositing Money
Use Case – Withdrawing Money
What Security?
How is it secured on Mars?
Application level encryption
• Typically have an application implementing the favorite encryption scheme.
• Provides end to end encryption.
Possible because
• Can ask people to install and use them.
• Phones are powerful enough to run them.
Challenges on Earth
• Fundamentally, GSM channel is weakly encrypted.
• Cannot rely on network layer encryption.
• Need for end to end encryption
• Cannot install applications on user ends.

Mobile Banking In General
Cell Phone
o 2 factor authentication
o 4 digit pin
o A codebook with synchronized security tokens.
Overview of 2 schemes

Both use 2 factor authentication schemes.
Old Scheme
New Scheme
Security Analysis

4 different types of attacks considered.
• Pin Recovery
• Type 0: Impersonator gets phone
• Type 1: Impersonator gets phone and codebook
• Type 2: Impersonator gets phone and PIN
Question: Impersonator?
1.
2.
3.
Security Analysis
• Pin Recovery
• Type 0: Impersonator gets phone
• Type 1: Impersonator gets phone and codebook
• Type 2: Impersonator gets phone and PIN
User Study
Ethnography
• 15 people from Delhi
• 19 people from Bihar
• Composition
o 8 agents
o 13 existing users
o 13 potential users

Tasks
• Plain PIN entry
• EKO signature formulation
• New signature formulation

Parameters Recorded
Results
Discussion
• Effect of increased cognitive effort.
• Effect of entering only 4 digits instead of 10.
• Statistical significance of results

User Case Studies

What is required to validate your claim?
• from the perspective of paper publishing?
o Novelty of the idea.
o Quick papers for promotion.
• for proving soundly?
o Acceptability of the idea.
Parameters studied in this paper:
1.
2.
Parameters that should have been studied:
1.
2.
Solutions:
• Submit an idea, verify later?
• Get in touch with right kind of people to do social case studies; sociologists?
Questions:
• End product derived from user interaction?