Secure Login Mechanism for Online Banking

Ahmad Syahir - Universiti Tun Hussein Onn Malaysia, Johor, Malaysia
Chuah Wen - Universiti Tun Hussein Onn Malaysia, Johor, Malaysia


Citation Format:



DOI: http://dx.doi.org/10.30630/joiv.2.3-2.136

Abstract


Login is one of the important security features in online banking. This research investigates the mechanism for an existing online banking in Malaysia including the design of the login mechanism, the encryption algorithm used for the password  and the security level of the login mechanism. This research provides a result of analyzing data between five online banking in terms of their security features. These analyzing data will be used for proposing secure password encryption in online banking. The mathematic is used to evaluate the security level for these secure login applications. Output from the mathematical analysis is the probability that the adversary may break the security of login application.

Keywords


login, online banking, security, adversary.

Full Text:

PDF

References


A. Berger, The Economic Effects of Technological Progress: Evidence from the Banking Industry, Journal of Money, Credit, and Banking, Vol 35, No. 2, pp 141 – 176, 2003.

CIMB Clicks, (2017). URL: https://www.cimbclicks.com.my/

Maybank2u, (2017). URL: http://www.maybank2u.com.my/

MyBSN, (2017). URL: https://www.mybsn.com.my/

i-muamalat, (2017). URL: https://www.i-muamalat.com.my/

Bank Islam Malaysia, (2017). URL: https://www.bankislam.biz/

L. D. Smith, Cryptography: The Science of Secret Writing, Publisher Courier Corporation, 1955.

W. Stallings, Cryptography and Network Security: Principles and Practices 7th Edition, Pearson Education India, 2017.

J. Daemen, and V. Rijmen, AES Proposal: Rijndael, 1999.

NIST, Advanced Encryption Standard (AES), 2001.

Liddell, Henry George; Scott, Robert; Jones, Henry Stuart; McKenzie, Roderick (1984). A Greek-English Lexicon. Oxford University Press.

NIST, Data Encryption Standard (DES), 1999.

NIST, Recommendation for the Triple Data Encryption Algorithm (TDEA), 2012.

B. Kaliski, RFC2898: PBCS#5, Password-based Cryptography Specification version 2.0. Technical report, Internet Engineering Task Force, 2000.

K. S. M. Moe, and T. Win, Improved Hashing and Honey-based Stronger Password Prevention Against Brute Force Attack, Electronics and Smart Devices (ISESD), 2017 International Symposium, pp 1 – 5, 2017.