A secure end‐to‐end SMS‐based mobile banking protocol
Summary Short message service (SMS) provides a wide channel of communication for banking in mobile commerce and mobile payment. The transmission of SMS is not secure in the network using global system for mobile communications or general packet radio service. Security threats in SMS restricted the u...
Saved in:
Published in: | International journal of communication systems Vol. 30; no. 15 |
---|---|
Main Authors: | , |
Format: | Journal Article |
Language: | English |
Published: |
Chichester
Wiley Subscription Services, Inc
01-10-2017
|
Subjects: | |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Summary
Short message service (SMS) provides a wide channel of communication for banking in mobile commerce and mobile payment. The transmission of SMS is not secure in the network using global system for mobile communications or general packet radio service. Security threats in SMS restricted the use of SMS in mobile banking within certain limits. This paper proposed a model to address the security of SMS using elliptic curve cryptography. The proposed model provides end‐to‐end SMS communication between the customer and the bank through the mobile application. The main objective of the proposed model is to design and develop a security framework for SMS banking. Further, the protocol is verified for its correctness and security properties because most of the protocols are not having the facility to be verified by using the formal methods. Our proposed framework is experimentally validated by formal methods using model checking tool called automated validation of internet security protocols and Scyther tools. Security analysis shows that the proposed mechanism works better compared to existing SMS payment protocols for real‐world applications.
In this paper, we introduce a new SMS‐based mobile banking protocol with formal verification. The proposed framework allows a payer to make payment to a mobile bank app in an encrypted format. This protocol is free from all the possible attacks like man‐in‐the‐middle, replay, and reflection attacks because of our scheme verified under the environment of AVISPA and Scyther tools. Furthermore, the proposed SMS‐based mobile banking protocol is compatible with existing SMS message infrastructure. |
---|---|
ISSN: | 1074-5351 1099-1131 |
DOI: | 10.1002/dac.3302 |