Professional Documents
Culture Documents
LAWAL O. N.*
SOKUNBI M. A.
OJO O.
Adelokun A. P.
ALAKIRI H.
Department of Computer Technology,
Yaba College of Technology, Yaba, Lagos, Nigeria.
@
iSTEAMS Research Nexus 2013
An International Conference on Science, Technology, Engineering,
Education, Arts, Management & the Social Sciences (iSTEAMS)
Date: 30th May 1st June, 2013
Venue: Conference Centre, University of Ibadan, Ibadan, Nigeria
PRESENTATION OUTLINE
ABSTRACT
INTRODUCTION
PROBLEM STATEMENT
CASE STUDY
RELATED WORKS
RESEARCH FRAMEWORK
RESEARCH METHODOLOGY
PROPOSED MODEL
FINDINGS
DISCUSSION
CONCLUSION
RESEARCH IMPLICATIONS
RECOMMENDATIONS
REFERENCES
Securing ATM Transaction With SMS Alert Lawal, Sokunbi, Ojo, Adelokun & Alakiri
ABSTRACT
The menace of identity theft and electronic scam
continues to be a problem in Nigeria and globally. It
increases the growing need of regulatory requirements
for the protection of confidential data and especially in
ATM based financial transactions. Existing ATM
authentication systems often use a PIN encoded onto a
chip or magnetic stripe card. The vulnerability is that
access is based only on single factor authentication
(PIN), which is not secure to protect user data in periods
of compromise of PIN or stolen ATM cards. There is a
need for multifactor security protocols. This paper
provides a new security model that can be employed in
ATM system authentication, which encompasses both
financial security and high usability. It uses a novel
approach based on transaction authentication code via
SMS to enforce another security level with the traditional
ENTER
PIN protocol. The system provides a highly
3
Securing ATM Transaction With SMS Alert Lawal, Sokunbi, Ojo, Adelokun & Alakiri
INTRODUCTION
PROBLEM STATEMENT
CASE STUDY
Securing ATM Transaction With SMS Alert Lawal, Sokunbi, Ojo, Adelokun & Alakiri
RELATED WORKS
Ayannuga and Lawal (2012) observed that most
authentication schemes do not suggest good usability as
they are difficult for the users to memorize and adapt to.
They argued that an important goal of all usable
authentication schemes is to ensure a usable yet secure
system for user authentication.
RESEARCH FRAMEWORK
SMS PASSCODE is the leading technology in realtime two-factor authentication using your mobile
device. To protect against the rise in internet based
identity theft hitting both consumers and corporate
employees, SMS PASSCODE offers a stronger
authentication via the mobile phone SMS service
compared
to
traditional
alternatives.
Many
organizations have implemented two-factor security
using legacy dedicated hardware devices such as
tokens to protect systems used for remote log-ins.
This technology is based on a small physical pocket
size device or calculator type form-factor seen in
some home banking solutions that generates a
unique code. When a user logs into a companys
system, the user is sent an extra code via an SMS
8
Securing ATM Transaction With SMS Alert Lawal, Sokunbi, Ojo, Adelokun & Alakiri
text message
that can verify that the user is the
RESEARCH METHODOLOGY
We use flowcharts to depict both the
existing procedure in ATM transaction, and
our proposed model.
The existing ATM transaction procedure is
shown in Figure 1 in the next slide.
Securing ATM Transaction With SMS Alert Lawal, Sokunbi, Ojo, Adelokun & Alakiri
Securing ATM Transaction With SMS Alert Lawal, Sokunbi, Ojo, Adelokun & Alakiri
10
MODEL
11
FINDINGS
We found that the existing system allows transaction to
proceed once the account PIN is valid, whether the
person conducting the transaction is the authentic owner
or not. This makes it very easy for anyone to use another
person's ATM card and PIN to conduct financial
transaction. The owner of the account will become aware
of the transaction after it is already concluded. This has
led to financial loss.
DISCUSSIONS
CONCLUSION
RESEARCH IMPLICATIONS
RECOMMENDATION
Securing ATM Transaction With SMS Alert Lawal, Sokunbi, Ojo, Adelokun & Alakiri
16
REFERENCES
1. Ayannuga O. O. and Lawal O. N. (2012 December). Usable
Authentication Schemes: A Critique. IEEE African Journal of
Computing & ICT, Vol. 5(6), pp. 88-94.
2. Brewster Tom (2013 Online). Five Arrested Over 500k American
Express Cyber Theft. TechWeekEurope. May 9th. Retrieved Friday,
10th May, 2013 from http://www.techweekeurope.co.uk/news/fivearrested-pceu-american-express-cyber-crime-115723
3. Felton E., Balfanz D., Dean D., & Wallach D. (2007). Web Spoofing:
An Internet Con Game. In Proc. of the 20th National Information
Systems Security Conference.
4. FFIEC (2001). Authentication in an electronic banking environment.
http://www.ffiec.org/papers.php?id=1247
5. Obodoeze F.C., Okoye F.A., Asogwa S.C., Ozioko F.E., & Mba C.N.
(2012). Enhanced Modified Security Framework for Nigeria Cashless
E-payment System. International Journal of Advanced Computer
Science and Applications (IJACSA), Vol 3 (11), pp. 189-196.
6. SMS PASSCODE (2012). Secure World Business - leading real-time
two-factor
authentication
solution.
Author.
www.smspasscode.com/company
7. Udenta Omoligho (2009). ATM, Oh ATM. The Guardian Life Magazine,
17
Securing ATM Transaction With SMS Alert Lawal, Sokunbi, Ojo, Adelokun & Alakiri
26 October.
THANK YOU
18