A Robust and secure authentication mechanism inonline
Abstract—Online banking is on the up each day witha persistent rise in the number of people using this novelservice to carry out their financial transactions. This amplifiedinterest in the use of online banking has consequently raisedthe concerns over the security. This has raised the need toprotect online banking in to guard these transactions as wellas establishing secure mechanisms for information exchangethat prevent fraud and safeguard the personal data. With theinternet now popular among all age groups, online banking hasbecome a necessity.Security mechanisms are, therefore a mustfor the proper functioning of online banking. In addition tothis, all the users are required to manage multiple passwordsand devices. Security which are provided by the extensivelyused systems namely knowledge-based security and token-basedsecurity can be easily breached when one reveals his passwordand his cards are stolen. In order to overcome this, biometricsare used. Banks have started using single biometric systems forfinancial transactions. In order to provide further security foronline banking transactions, the proposed system introducesthe use of multiple(face and fingerprint) biometrics for onlinefinancial transaction where both are required for authenticationof log-in- process and one biometric is used for transactionprocess, thus would help overcome traditional vulnerabilities.Further, this proposed research further explores the matchingat the feature level, which of course is a under studied problem.Here in this approach, the feature sets extracted from multipledata sources would be fused to create a new feature setto represent the individual. Since the feature set containsbetter-off information about the fresh biometric data comparedto the match score level or the final decision, combinationat this level is possible to provide better authenticationresults. Initial results indicate that the planned technique canlead to large improvement in multimodal matching performance.Index Terms—Unimodal biometrics, multimodal biometrics,OTP.
Local Services Info Based Mobile App
Reminder App – Medical , Doctor
Mobile Attendance Management system project in Android App
Mobile App For Water Complaint System
Mobile App For Laundry Service Using Bootstrap Responsive Design
Ecom :Mobile App For Online Shopping Based On Responsive Design
ibus : Mobile App For Bus Timing Report Using Bootstrap Responsive Design
ischool : Mobile App For School Management App Using Bootstrap Responsive Design
A number of aspects, including lesser cost of networkdevices, larger Internet and mobile Internet penetration, avail-ability of devices and increased use of the smartphones havegone into commercialising online banking around the world.The circumstance remains that in spite of the advancementsin security technology, vulnerablity still exist. Studies showsthat many phishing and social engineering attacks take placearound the world every month. Though there are many threatsand vulnerabilities, a very strong authentication mechanismfor customers and transactions will address most fraud re-lated issues. Apart from incorporating strong authenticationmechanism, certain banks limit the number of online bankingoperations that a customer can perform each day.Biometric technology ensures the robust and safe techniqueto make Secure authentications of persons. A large portion ofsystem breaches are caused by authentication failure, eitherduring the login process or in the transaction process whichexist due to the limitations accompanying the existing authen-tication methods. Current authentication methods are notuser oriented and are thus an endanger to users security.In the current world, authentication of online banking users isdone using the following methods:A. KNOWLEDGE BASEDThis method, which is the most popular and common,asks the users to authenticate by entering their User Id andpassword. The bank safeguards the security by ensuring thatthe users have a strong password and that are changed at afrequent intervals which is assigned to be for few days.B. TOKEN BASEDToken based method is currently used in almost all oninebank transactions. This method authenticates the users basedon the knowledge based identity and something else that theyhave.This is usually done using OTP(One Time Password), ortoken devices.
II. RELATED WORKS
A. UNIMODAL BIOMETRICSThe unimodal biometric systems rely on the evidenceof a single source of information for authentication ofperson. Though these unimodal biometric systems havemany advantages, it has to face with variety problems likeNoisy data,Intra class variation,Interclass similarities,Nonuniversality,Spoofing etc.
B. TYPES OF MULTIMODAL SYSTEMSDepending on the traits, sensors and feature sets manydifferent types of multimodal systems are there.Theseinclude
1) Single biometric trait, multiple sensors:Multiplesensors are used to record the same biometric characteristic.The raw data taken from different sensors can then becombined at the feature level or matcher score level toimprove the performance of the system.2) Multiple biometrics:Multiple biometric traits such asfingerprints and face can be combined.Different sensors areused for each biometric characteristic. The interdependencyof the traits ensures a significant improvement in theperformance of the system.3) Multiple units, single biometric traits:Two or morefingers of a single user can be used as a biometric trait. Itis inexpensive way of improving system performance, as itdoesnt require multiple sensors or incorporating additionalfeature extraction or matching modules. Iris can also beincluded in this category.4) Multiple snapshots of single biometric:In this morethan one instance of the same biometric is used for therecognition. For e.g. multiple impressions of the same fingeror multiple samples of the voice.5) Multiple matching algorithms for the same biometric:In it different methods can be applied to feature extractionand matching of the biometric characteristic.
C. FUSION LEVELS IN MULTIMODAL BIOMETRICSThere are three fusion levels in multimodal biometrics:feature level fusion, matching score level fusion and decisionlevel fusion respectively. The three levels of fusion aredescribed as follows:1) FEATURE LEVEL FUSION:In the feature levelfusion, features from different biometric traits are initiallyprocessed and the feature vectors are obtained are extractedand combined to form a composite feature vector. This isthen combined to form a feature vector that is used forclassification.2) MATCHING SCORE LEVEL FUSION:In matchingscore level fusion, individual matching score is found basedon various biometric traits and these matching scores aregathered to make the classification.3) DECISION LEVEL FUSION:In decision level fusion,each biometric traits are captured and features are extractedfrom the captured traits.The final decision of accept or rejectbased on the combination of the outcomes from differentbiometric modalities.
D. MATCHING ALGORITHMSBased on the pattern of the matching algorithm, thematching speed can vary. In a biometric recognition system,the individuality corresponding to the probe is clasicallydetermined by matching it against the templates of allindividualities in the gallery.
E. FINGERPRINT MATCHING TECHNIQUESFor accurate personal identification,considering all the cur-rently used biometric techniques, fingerprint authenticationsystem is the widely used and appropriate.The existing popularfingerprint matching techniques can be broadly classified intothree categories depending on the types of features used:1) Minutiae-based:2) Correlation-based:3) Euclidean distance-based:III. PROPOSEDSYSTEMDESIGNIn the proposed system, the online banking systemensures robust and secure authentication mechanism by usingthe multimodal biometrics.Multimodal system includingFingerprint and face are used for the login process. As theftcan occur at any point of transaction process, fingerprintauthentication is again done during transaction process.Efficient encryption and decryption methods are used forproviding the security of data transmitted and storing the datain the database. Thus the proposed system ensures improvedsecurity in online banking by using the multimodal biometricsystem.Figure 1.High level designFigure 1 describes the overall scenario in the proposedsystem.The planned system consists of a client system which isthe user doing the online transaction. The bank server enclosesthe database with which the details has to be compared. Theuser can login with the user id , and recognising self withfingerprint and face . These details are compared with thedatabase in the server. Once the login is successful, the usercan make the necessary transaction by authenticating with thefingerprint once again. The details are again compared withthe server.The proposed system uses a multimodal biometric system.Itconsists of two main modules namely,A. Enrolment moduleHere, the user has to register at the bank with the necessarydetails . This includes the biometric traits as well as information needed for the authentication.B. Authentication moduleHere, the user has to authenticate him/herself using themulti biometric traits used for the login process and unimodalbiometric , used for transaction process.The Authenticationmodule consist of two main processes.1) Login Process:Here, the user has to login using theuser id followed by the recognition of face and fingerprintfor authentication .Once the user login to the system the usercan only view the account details.2) Transaction Process:Here, the user has to againauthenticate him/her self using the fingerprint authentication.Only when the user authenticate with the fingerprint details,the transaction can be done.The authentication mechanism includes the processes atboth the client and server side. The client side process includecapturing the finger and face image ,followed by featureextraction and fusion of the feature extracted,encrypting theEuclidean distance calculated and sending it to the server.Thisis depicted in Figure 2.Figure 2.Client sideFigure 3 illustrates the server side process. The serverside process include, decrypting the encrypted data, andcomparing the stored data in the database.
Today, the authentication mechanism in online bankinginclude two factor authentication which is the token basedauthentication mechanism.This needs an external device todynamically authenticate the user. However, the chances to thedevice being misplaced or loss can cause a compromise to thebank account transactiona. There are many vulnerabilities stillconcerning this area. So a robust and secure authenticationmechanism to be used in online banking is essential. Thiscan be achieved by using multimodal biometrics. There areFigure 3.Server sidevarious spoofing attacks that can occur while using unimodalbiometrics. Thus multimodal biometrics ensures an efficientmethod for authentication in online transaction.Certain threatsincluding hacking, phishing etc can also be dispensed whenusing multimodal biometrics.