Security analysis of mobile banking
Date of Issue2014
School of Computer Engineering
The internet had brought a revolutionary way of communication and transmitting information since its reception by the general public since April 1993. Ever since then, millions pieces of information have been transmitted through the internet daily. The usage of internet had then increased over the years, now one can use the internet for sending mails, making online purchases and checking bank accounts balance. Sensitive and confidential information about users can also be uploaded onto the internet. It will be devastating if such information is obtained by malicious users who planned to use such information for their own monetary gain, which results in cyber-crimes such as bank fraud and identity theft. Therefore, it is highly important to tighten internet security and safeguard users’ information from malicious users. Currently, there are a number of security protocols available out in the market such as Hypertext Transfer Protocol Secure (HTTPS) and two-factor authentications (2FA). Many people will be familiar with HTTPS as it the most commonly used security protocol currently in the world. Most of the online banking website adopted 2FA as their security protocol as it is easy to implement. Although these security protocols are secured and reliable, they are still vulnerable to security attacks such as phishing and man-in-the-middle. There is another security protocol name Secure Remote Password Protocol (SRP) designed with the aim to bypass the limitations of these existing security protocols. It can be view as a much secure and reliable security protocol than existing protocols. This paper aims to research and study existing security protocols such as HTTPS and 2FA, and also to understand their vulnerability to security attacks. This paper also aims to research and study the algorithms and design concepts behind SRP. This paper also hopes to achieve implementation based on SRP protocol and link it together with Mozilla Firefox browser.
DRNTU::Engineering::Computer science and engineering
Final Year Project (FYP)
Nanyang Technological University