Secure annihilation of out-of-band authorization for online transactions
Objectives: In this paper, an approach to online banking authorization using one-time passwords has been illustrated. Methods/Statistical Analysis: The algorithm presented in this paper provides an infinite as well as forward One-time password (OTP) generation mechanism employing two Secure Hash Al...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Informatics Publishing Limited
2018
|
| Subjects: | |
| Online Access: | http://irep.iium.edu.my/62564/1/83774 http://irep.iium.edu.my/62564/ http://www.indjst.org/index.php/indjst/article/view/121107/83774 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.iium.irep.62564 |
|---|---|
| record_format |
dspace |
| spelling |
my.iium.irep.625642019-12-04T00:57:00Z http://irep.iium.edu.my/62564/ Secure annihilation of out-of-band authorization for online transactions Hussain, Sabahat Khan, Burhan ul Islam Anwar, Farhat Olanrewaju, Rashidah Funke TK7885 Computer engineering Objectives: In this paper, an approach to online banking authorization using one-time passwords has been illustrated. Methods/Statistical Analysis: The algorithm presented in this paper provides an infinite as well as forward One-time password (OTP) generation mechanism employing two Secure Hash Algorithms viz. SHA3 and SHA2, followed by dynamic truncation to produce human-readable OTP. An inimitable authentication scheme has been presented in which a unique initial seed is used for generating a series of OTPs on the user’s handheld gadget (i.e. a mobile phone). Findings: The proposed scheme demonstrated better results than the previous schemes of authorization after a security analysis was conducted on it. This is attributed to the eradication of cellular network within the authorization process. A high level of performance and efficiency in authentication and authorization was evident from the results that are vital for transacting online. Applications/Improvements: In the proposed system, the inherent features of the user’s device (mobile phone) are utilized to form the initial seed. The application of hash functions to that seed eliminates the necessity to send one time passwords to the users via Short Message Service and decreases the limitations posed by out-of-band systems, thus making it suitable to be employed in online banking and other financial organizations. Informatics Publishing Limited 2018-02 Article PeerReviewed application/pdf en http://irep.iium.edu.my/62564/1/83774 Hussain, Sabahat and Khan, Burhan ul Islam and Anwar, Farhat and Olanrewaju, Rashidah Funke (2018) Secure annihilation of out-of-band authorization for online transactions. Indian Journal of Science and Technology, 11 (5). pp. 1-9. ISSN 0974-6846 E-ISSN 0974-5645 http://www.indjst.org/index.php/indjst/article/view/121107/83774 10.17485/ijst/2018/v11i5/121107 |
| institution |
Universiti Islam Antarabangsa Malaysia |
| building |
IIUM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
International Islamic University Malaysia |
| content_source |
IIUM Repository (IREP) |
| url_provider |
http://irep.iium.edu.my/ |
| language |
English |
| topic |
TK7885 Computer engineering |
| spellingShingle |
TK7885 Computer engineering Hussain, Sabahat Khan, Burhan ul Islam Anwar, Farhat Olanrewaju, Rashidah Funke Secure annihilation of out-of-band authorization for online transactions |
| description |
Objectives: In this paper, an approach to online banking authorization using one-time passwords has been illustrated.
Methods/Statistical Analysis: The algorithm presented in this paper provides an infinite as well as forward One-time password (OTP) generation mechanism employing two Secure Hash Algorithms viz. SHA3 and SHA2, followed by dynamic truncation to produce human-readable OTP. An inimitable authentication scheme has been presented in which a unique initial seed is used for generating a series of OTPs on the user’s handheld gadget (i.e. a mobile phone). Findings: The proposed scheme demonstrated better results than the previous schemes of authorization after a security analysis was conducted on it. This is attributed to the eradication of cellular network within the authorization process. A high level of performance and efficiency in authentication and authorization was evident from the results that are vital for transacting
online. Applications/Improvements: In the proposed system, the inherent features of the user’s device (mobile phone) are utilized to form the initial seed. The application of hash functions to that seed eliminates the necessity to send one time passwords to the users via Short Message Service and decreases the limitations posed by out-of-band systems, thus making it suitable to be employed in online banking and other financial organizations. |
| format |
Article |
| author |
Hussain, Sabahat Khan, Burhan ul Islam Anwar, Farhat Olanrewaju, Rashidah Funke |
| author_facet |
Hussain, Sabahat Khan, Burhan ul Islam Anwar, Farhat Olanrewaju, Rashidah Funke |
| author_sort |
Hussain, Sabahat |
| title |
Secure annihilation of out-of-band authorization for
online transactions |
| title_short |
Secure annihilation of out-of-band authorization for
online transactions |
| title_full |
Secure annihilation of out-of-band authorization for
online transactions |
| title_fullStr |
Secure annihilation of out-of-band authorization for
online transactions |
| title_full_unstemmed |
Secure annihilation of out-of-band authorization for
online transactions |
| title_sort |
secure annihilation of out-of-band authorization for
online transactions |
| publisher |
Informatics Publishing Limited |
| publishDate |
2018 |
| url |
http://irep.iium.edu.my/62564/1/83774 http://irep.iium.edu.my/62564/ http://www.indjst.org/index.php/indjst/article/view/121107/83774 |
| _version_ |
1654959779865427968 |
| score |
13.160551 |