1. Secure Annihilation of Out-of-Band Authorization for Online Transactions
- Author
-
Sabahat Hussain, Burhan Ul Islam Khan, Rashidah Funke Olanrewaju, and Farhat Anwar
- Subjects
Password ,Authentication ,Multidisciplinary ,Short Message Service ,business.industry ,Computer science ,Hash function ,Authorization ,02 engineering and technology ,One-time password ,030507 speech-language pathology & audiology ,03 medical and health sciences ,Mobile phone ,0202 electrical engineering, electronic engineering, information engineering ,020201 artificial intelligence & image processing ,0305 other medical science ,business ,Mobile device ,Computer network - Abstract
Objectives: In this paper, an approach to online banking authorization using one-time passwords has been illustrated. Methods/Statistical Analysis: The algorithm presented in this paper provides an infinite as well as forward One-TimePassword (OTP) generation mechanism employing two Secure Hash Algorithms viz. SHA3 and SHA2, followed by dynamic truncation to produce human-readable OTP. An inimitable authentication scheme has been presented in which a unique initial seed is used for generating a series of OTPs on the user’s handheld gadget (i.e. a mobile phone). Findings: The proposed scheme demonstrated better results than the previous schemes of authorization after a security analysis was conducted on it. This is attributed to the eradication of cellular network within the authorization process. A high level of performance and efficiency in authentication and authorization was evident from the results that are vital for transacting online. Applications/Improvements: In the proposed system, the inherent features of the user’s device (mobile phone) are utilized to form the initial seed. The application of hash functions to that seed eliminates the necessity to send one time passwords to the users via Short Message Service and decreases the limitations posed by out-of-band systems, thus making it suitable to be employed in online banking and other financial organizations. Keywords: Authentication, Authorization, Out-of-band Authorization, Hash Functions
- Published
- 2018