원문정보
초록
영어
Use of personalized security mechanisms among financial sectors is gaining rapid momentum day-by-day. Banking and e-shopping portals, which are paramount of cyber-attacks, strongly recommend that both the merchant (i.e., a merchant web portal) and its customers (customers using these portals) be certain about each other’s identity. This emphasizes not only that the merchant portal must be able to detect an attacker spoofing the identity of one of its customers, but also that a customer must not leave her secrets with a fraud-cum-look-alike website spoofing address of the merchant’s portal.This thesis envisages a novel, scalable approach to detect a fraud, look-alike web page to help a customer unaware of digital certificates, Internet security policies and their glitches, truly recognize her merchant’s web-site using her smartphone. The approach uses a reverse challenge-response framework; and uses QR codes which are generated dynamically and depend on the GPS parameters of the customer. The customer uses her smartphone to scan the QR codes with an application provided by the merchant; which detects correctly whether she logged on to the genuine website. The additional benefit of this approach is that it can be modelled to offer a novel, non-telephonic two-step authentication system with minor modifications.
목차
1. Introduction
2. Proposed Model
2.1. Registering the Mobile Application
2.2. Verification Process to Detect a Fraud or Genuine Web Page
2.3 Analysis of Vulnerability
2.4 Introducing GPS and Customer’s Movement Parameter
2.5 Performance Analysis of the Implementation of the Architecture
2.6 Scope of the Proposed Architecture to Future Research
2.7 Conclusion
Acknowledgements
References