A Robust and secure authentication mechanism in online

A Robust and secure authentication mechanism in online

Abstract—Online banking is on the up each day witha persistent rise in the number of people using this novelservice to carry out their financial transactions. This amplifiedinterest in the use of online banking has consequently raisedthe concerns over the security. This has raised the need toprotect online banking in to guard these transactions as wellas establishing secure mechanisms for information exchangethat prevent fraud and safeguard the personal data. With theinternet now popular among all age groups, online banking hasbecome a necessity.Security mechanisms are, therefore a mustfor the proper functioning of online banking. In addition tothis, all the users are required to manage multiple passwordsand devices. Code Shoppy Security which are provided by the extensivelyused systems namely knowledge-based security and token-basedsecurity can be easily breached when one reveals his passwordand his cards are stolen. In order to overcome this, biometricsare used. Banks have started using single biometric systems forfinancial transactions. In order to provide further security foronline banking transactions, the proposed system introducesthe use of multiple(face and fingerprint) biometrics for onlinefinancial transaction where both are required for authenticationof log-in- process and one biometric is used for transactionprocess, thus would help overcome traditional vulnerabilities.Further, this proposed research further explores the matchingat the feature level, which of course is a under studied problem.Here in this approach, the feature sets extracted from multipledata sources would be fused to create a new feature setto represent the individual. Since the feature set containsbetter-off information about the fresh biometric data comparedto the match score level or the final decision, combinationat this level is possible to provide better authenticationresults. Initial results indicate that the planned technique canlead to large improvement in multimodal matching performance.Index Terms—Unimodal biometrics, multimodal biometrics,OTP.


A number of aspects, including lesser cost of networkdevices, larger Internet and mobile Internet penetration, avail-ability of devices and increased use of the smartphones havegone into commercialising online banking around the world.The circumstance remains that in spite of the advancementsin security technology, vulnerablity still exist. Studies showsthat many phishing and social engineering attacks take placearound the world every month. Though there are many threatsand vulnerabilities, a very strong authentication mechanismfor customers and transactions will address most fraud re-lated issues. Apart from incorporating strong authenticationmechanism, certain banks limit the number of online bankingoperations that a customer can perform each day.Biometric technology ensures the robust and safe techniqueto make Secure authentications of persons. A large portion ofsystem breaches are caused by authentication failure, eitherduring the login process or in the transaction process whichexist due to the limitations accompanying the existing authen-tication methods[7]. Current authentication methods are notuser oriented and are thus an endanger to users security.In the current world, authentication of online banking users isdone using the following methods:[1]A. KNOWLEDGE BASEDThis method, which is the most popular and common,asks the users to authenticate by entering their User Id andpassword. The bank safeguards the security by ensuring thatthe users have a strong password and that are changed at afrequent intervals which is assigned to be for few days.B. TOKEN BASEDToken based method is currently used in almost all oninebank transactions. This method authenticates the users basedon the knowledge based identity and something else that theyhave.This is usually done using OTP(One Time Password), ortoken devices.


Today, the authentication mechanism in online bankinginclude two factor authentication which is the token basedauthentication mechanism.This needs an external device todynamically authenticate the user. However, the chances to thedevice being misplaced or loss can cause a compromise to thebank account transactiona. There are many vulnerabilities stillconcerning this area. So a robust and secure authenticationmechanism to be used in online banking is essential. Thiscan be achieved by using multimodal biometrics. There areFigure 3.Server sidevarious spoofing attacks that can occur while using unimodalbiometrics. Thus multimodal biometrics ensures an efficientmethod for authentication in online transaction.Certain threatsincluding hacking, phishing etc can also be dispensed whenusing multimodal biometrics.