earticle

영어

Due to the versatile and convenient functionality development of smart phones and tablet PCs, mobile e-commerce has dramatically increased. In particular, M-banking has become more convenient, effective and timely through the new mobile communication devices and systems. In order to provide a reliable and secure M-banking process without concurrently decreasing the convenience, a trusted M-banking verification scheme based on the combination of a one-time password (OTP) and personal biometric have been developed in this paper. As the client side initiates a request for M-banking to the server side of a bank that provides the M-banking service, the server side will generate an OTP with a limited period for registration to the M-banking system and transmit this to the client side. After receiving the OTP message, the client side must verify whether the OTP message is validated and provided by the desired real server side. After which, the client side will register to the on-line M-banking system with the OTP within the specified short period. After receiving the service request, the server side will then request that the client side immediately capture a personal biometric, such as a fingerprint, iris, photo, etc. for further verification with the existing data stored on the server side to prevent fraud. If the personal biometric is verified as an old one, the M-banking system will immediately be terminated by the server side. Once verification is confirmed by the server side, the client side can then smoothly perform transactions via M-banking. The proposed scheme can not only provide a secure M-banking system, but can also clearly define the process. Therefore if there are any disputes due to Internet hacking or the mobile phone having been stolen, the client side can protect their rights.