Abstract:
In this paper, enhanced security of
online banking transactions against man in the
middle is presented basing on two factor
authentications by use of one time password and
single password. Online banking is a system
allowing individuals to perform banking activities at
home via the internet. Online banking through
traditional banks enable customers to perform all
routine transactions, such as account transfers,
balance inquiries, bill payments, Account
information can be accessed anytime, day or night,
and can be done from anywhere. Online
transactions are considered most sensitive. Doing
such online transactions via a public network
consequently introduces new challenges for security
and trustworthiness, They are two types of common
attacks in online banking which are offline
credential stealing attacks and online channel
breaking attacks. This paper provide a solution to
the problem encountered in online channel-breaking
attacks. The intruder unnoticeably interrupts
messages between the client PC and the banking
server by masquerading as the server to the client
and vice versa.
This kind of attack is used to anonymously
perform some operations on the user's account. For
this purpose the current paper proposed a new
approach of two factor authentication with one time
password generated on two sided which are client
side and server side. Qualitative methods are used
for data collection. The qualitative methods can be
classified in three broad categories: in-depth
interview, observation methods, document review.
Finally, the paper discuss and analyze how two
factor authentication will enhance security of online
banking services against man in the middle and
provide recommendations for further security.