Preventing Educational Document Frauds using Smart
Centralized Qualification Card (SCQC).
Prof. Sarika Zaware, Pratik Lodha, Parag Sanyashiv, Shubham Kadlak, Sunil Jagtap
[email protected], [email protected], [email protected], [email protected], [email protected]
Computer Dept. AISSMS IOIT, Pune
ABSTRACT
Even though world is focusing on being digital still large amount of information or the data is represented by the papers only and that may also contain critical data. Now a days official documents are strongly secured with modern techniques such as artwork or printed pattern, but still paper documents suffer from a lack of security it means that with the high availability of cheap scanning and printing hardware, non-experts also can easily create fake documents. For the many organizations prevention of fraud has become a major concern. The industry understood the problem and is just now starting to act by innovation of new techniques for fraud detection. But as always said prevention is better than cure, we will focus on prevention of frauds, it is the best way to reduce frauds, fraudsters are adaptive and will usually find ways to break the security and circumvent such measures. So, for that purpose we have to make prevention system more and more stronger. In this paper, we present convenient and much more efficient approach for fraud prevention. In our approach, we use the smart card (can be RFID, magnetic tape based etc.). In this smart card, all the educational details can be linked so that the details can be obtained on the go, and hence there is no worries related to carrying your documents all the time with you. So, the issues related to the forgery or alteration of original documents will be reduced (or you can say fully eliminated!)
Keywords
RFID card, SID, Data Encryption-Decryption, AES, Central Database, Embedded
1.
INTRODUCTION
Now a day, paper documents are largely used as it contains the detailed information due to legal reasons. Also verifying educational results has become very important task for recruiters, admission councils, etc. The duplications of leaving certificates allows some to take admission into different degrees from different colleges which is illegal. Rather of all these the paper used for all the procedures are increasing with yearly increasing admissions. At the time of admissions there persist a large number of queue which many times confuses the administrator and can lead to messing of important documents. The document submitted are not every time verified.
So, we proposed an experimental smart technology that will help to solve such problems in future. When students fill up forms for board examination and approved, at the time of receiving the hall ticket, a qualification card is provided linking with his respective university. This qualification card will have a unique identification number linked with the PRN or seat number of that particular student. Also, the qualification card information is only readable for that particular student via online login authority. The information like results, government documents (caste certificates, birth certificate, domicile certificates, etc.) will be updated to the profile of that respective card holder at the time of admission by college administrator. The results will be updated to the card holder profile when the results are declared and by the respective board/university. The student can change the respective information if and only if it seems a mistake. The procedure for changing information can be done by requesting an online modification form attached with the scanned copies of documents.
The administrator, at the time of admission will be able to put a status against the leaving certificate block. The leaving certificate block will have N choices which contains engaged, open, etc. at the time of seeking admission at organization/college, they will ask for qualification card and swipes at the POS or keep it with RFID reader, which will retrieve the student information which will reduce the paper use and will not consume excess time required in queue. Similarly, at the time of recruitment, the job seeker will have produce his qualification card and his respective resume’. The recruiter will read the card with their system and can view the information of qualification updated by university which will reduce the document fraudulent. The recruiter can only view and get the tally of his aggregate required as per company rules.
Rest of the paper is organized as section II discusses literature survey, section III discusses proposed work, section IV discusses about result, section V discusses about conclusion, section VI discusses about acknowledgement followed by references.
To make project successful, we have gone through some papers. The surveyed papers are somehow related with the project which guided us to build our project.
The paper “Multipurpose Smart Card System by Yoso Adi Setyoko and I.G.B. Baskara Nugraha” uses smart card for multiple usage with security by using different cryptographic algorithms.
“A Survey on Smart Ration card system using RFID and Biometrics by Smita Khot, Diksha Kamble, Bharti Lokhande, Prachiti Sardar, Tushar Khose.” This paper helped us to know about the use of RFID for purchasing Ration in Ration shop. The paper “E-Fraud Prevention based on the Self-Authentication of e-Documents by J. M. Blackledge and E. Coyle” used Convolution operation to convert data/document to floating point cipher. Then this cipher is embedded behind the host image.
“Kamta Nath Mishra, “Aadhar based smartcard system for security management in South Asia”, IEEE 04 May 2017.” This paper give us the information about advance in convolution techniques with reference to Aadhar card based biometric system for security Management.
For the study of fraud detection, we have studied following papers:
Irfan A. Landge, B.K.Mishra created “VHDL Based BLOWFISH Implementation for Secured Embedded System Design”, IEEE 2017. This paper proposed to protect the sensitive data from thread embedded devices. VHDL based BLOWFISH algorithm is used for protection.
Paper by El-Sayed Abdoul-Moaty ElBadawy, Waleed A, El-Masry , “A New Chaos Advanced Encryption Standard (AES) Algorithm for Data Security”. This paper concern about the data security by A new chaos Advanced Encryption Standard (AES) Algorithm. This paper is based on substitution of S-box by another one based on new chaos theory.
Suresh Yaram, “Machine Learning Algorithms for Document Clustering and Fraud Detection”, this paper proposed for document fraud detection. This paper implements machine learning algorithms for the same
These all papers are for detection of fraud. But prevention is better than detection. So we are developing a system that will prevent documents from the frauds.
3.
PROPOSED WORK
In this paper, we proposed an experimental smart technology such that data is not directly stored in the smart card but it is stored in the database at the server account-based system. The system architecture is as shown in figure 1.
This design uses pdf file compression & encryption algorithm. AES algorithm encrypt the document during transmission and can be decrypted at end system so provides the better security. But before encrypting the document, we are reducing its size with compression algorithm to optimize it. So, when the documents are to be stored in SCQC database initially it will be compressed and then encrypted and after
that it will be stored.
When students (user) fill up forms for board examination and approved, at the time of receiving the hall ticket, a qualification card is provided linking with his respective university. This qualification card will have a SCQC identification number (SID) linked with the PRN or seat number of that particular student. Also, the qualification card information is only readable for that particular student via online login authority. The information like results, government documents (caste certificates, birth certificate, domicile certificates, etc.) will be updated to the profile of that respective card holder at the time of admission by college administrator. The results will be updated to the card holder profile when the results are declared and by the respective board/university. The student can change the respective information if and only if it seems a mistake. The procedure for changing information can be done by requesting an online modification form attached with the scanned copies of documents.
When the RFID card is scanned with RFID reader. The related documents are fetched from the centralized server.
3.1 Main Components of the system
3.1.1
RFID Tag & RFID Reader
RFID tagging is an ID system which uses small Radio Frequency Identification. An RFID tagging system includes the tag which is to be scanned, a read/write device, and a host system application which is capable for the collection of data, its processing, and transmission of that data
An RFID tag (sometimes called an RFID transponder) consists of a chip, some memory and an antenna.
3.1.2
Encryption and Decryption
Every document send by administrator goes through encryption process and then it is saved to database. The file is encrypted at sender side and then it is sent to the server to save it to database. This reduces the chances to make changes to a file by an intruder. The Advanced Encryption Standard 256-bit (AES 256-bit) is used to make the encryption more secure and very difficult to decrypt it without its associated Key File or Key Length.
While Retrieving the file from Server/Database, the same encrypted file is send to the client/administrator and is automatically decrypted when it arrives and stores at the given location in hard disk.
3.1.3
Compression
Each file send to the server by administrator is being compressed by our automated compression algorithm before file goes in encryption process. The 38% of file Compression is applied to a document. The quality of document remains almost same after applying compression i.e. A file with size 343 KB is compressed to size 248 KB.
After the file is compressed at its maximum compression level, the file ready for being encrypted.
3.1.4
Database
We are using MongoDB i.e. NoSQL Database. Advantage of using MongoDB as the database for storing file is its open-source. It also provides SSL layer while storing the
data to the database. In Other words, the MongoDB can be linked to Hadoop Ecosystem, due to which the data issues or consumption of spaces can be less used.
3.2 Procedure
SID: (SCQC Identification Number)
3.2.1 Following steps are to be considered at the
administrator or client side:
STEP 1.
Start the SCQC system.STEP 2.
User will be asked to Swap the SCQC Card.STEP 3.
Card scan successful will be shown on the display.STEP 4.
SCQC Card SID will be read by the RFID cardreader and sent to centralised database present in the Central Node.
STEP 5.
If that SID is not present then go to step 7.STEP 6.
If that SID is present in the system then all the available documents with that SID will be retrieved from database to the administrators’ system and decrypted at the same side and will be given to the administrator.STEP 7.
Show to administrator SCQC card is not registered with the systemSTEP 8.
Ideally wait for another card to be scanned3.2.2 Following steps are to be considered at the
University/Board Side:
STEP 1.
STARTSTEP 2.
Once the results are ready initially Establish the secure connection with SCQC serverSTEP 3.
If the connection is not established then try againSTEP 4.
Else go to Step 5STEP 5.
Optimise/Reduce the result pdf size with compression algorithmSTEP 6.
Compressed result pdf will be Encrypted with the AES algorithm effectively for preventing it from attacksSTEP 7.
Encrypted file is transferred to the SCQC centralised system successfullySTEP 8.
That encrypted transferred file will be stored in SCQC centralised database as per the allotted SIDSTEP 9.
END3.2.3 Following steps are to be considered at the
SCQC Server side:
STEP 1.
STARTSTEP 3.
Get all the relevant encrypted document files from the respective Boards/University/Government Firms.STEP 4.
Store those encrypted files accordingly in the Central Database with respect to associated SID.STEP 5.
When SID is received from the client side check itin the database.
STEP 6.
Acknowledge the SID exitance status to the client.STEP 7.
If SID exists in records, Send all the encrypteddocuments to the Client.
STEP 8.
Wait for more document retrieval request.4.
RESULTS
1. The Admitting Candidate will be asked to scan the RFID card. If the RFID Card belongs to Reader System and is Valid the ID will be passed to the database for validation purpose.
2. As the card is scanned, the reader will give a beep and Scan Successful will be displayed on the LCD Display.
3. After Successful validation the administrator can access the documents required for the need of Admission to College.
4. Same procedure for the Company Recruitment to check the valid and originality of document.
5. While Uploading or Retrieving the documents, the file may be of Extension .jpg, .pdf, etc. will be compressed before storing and then the encryption is applied to the file. The quality of file after compression will remain almost same. As we can see in the above snapshot size of original document was 343kb but after compression it will be 248kb Content of the encrypted file is as below,
5
.
CONCLUSION
In this paper, we have proposed Smart Centralized Qualification Card (SCQC) design which will fully eliminate the document frauds as all the original documents are directly linked to the SCQC by the respective university or the board. At each retrieval time, the data is passed via encryption and decryption that makes a secured communication that the chance to change/ attack details from the database is low. In other way, it also reduces time to verify the documents. Implementation of our proposed system takes a step towards the digitalization i.e. it makes the work paperless by providing all the original documents without tempering on just one scan of the SCQC.
6.
ACKNOWLEDGMENTS
We would like to express our thanks to our guide as well as the HOD of the Computer department Prof. Sarika Zaware for her whole-hearted co-operation and valuable suggestions and technical guidance throughout the project work. Finally, we would like to thanks all the staff members of Computer Department who helped us directly or indirectly to complete this project work successfully.
7.
REFERENCES
[1] Nawal Kishor, Kalpana Dwivedi, Veer Bhadra Pratap Singh Yadav, “Smart Aadhaar Card with RFID”, ICACTRP 2017.
[2] Kamta Nath Mishra, “Aadhar based smartcard system for security management in South Asia”, IEEE 04 May 2017.
[3] Madhumita Pande, “Performance Analysis of Encryption Algorithm for Security”, IEEE 26 June 2017.
[4] Irfan A. Landge, B.K.Mishra, “VHDL Based
BLOWFISH Implementation for Secured Embedded System Design”, IEEE 2017
[5] Apurba Gorai, Rajarshi Pal, Phalguni Gupta, “Document fraud detection by ink analysis using texture features and histogram matching”, 2016 IEEE.
[6] Suresh Yaram, “Machine Learning Algorithms for Document Clustering and Fraud Detection”, 2016 IEEE.
[7] Yoso Adi Setyoko, I.G.B. Baskara Nugraha, “Multipurpose Smart Card System”, IEEE 19 January 2015.
[8] Smita Khot, Diksha Kamble, Bharti Lokhande, Prachiti Sardar and Tushar Khose, “Online Ration Card System by using RFID and Biometrics”, IJARCCSE 2015. [9] Pratiksha Divase, Ashwini Thopate, Priyanka Salunkhe,
Prof. Jayshree Chaudhari, “Secure Travel System Using Aadhar Card”, IJERT 2014.
[10] K. Eswar Kumar, Ashok Kumar Yadav, Dr. T. Srinivasulu, “Smart Card based Robust Security System”, IJEI 2013.
[11] Aditya Bodake, Viraj Baviskar, Ashwini Bodake, Shital Bhoite, Prof. N. J. Kulkarni, “Multipurpose Smartcard System”, 2012 IJARCET.
[12] ” J. M. Blackledge, E. coyle, “e-Fraud Prevention based on the Self Authentication of e-Documents”, IEEE 08 March 2010.
[13] Sayed Abdoul-Moaty ElBadawy, Waleed A, El-Masry, “A New Chaos Advanced Encryption Standard (AES) Algorithm for Data Security”, IEEE.
[14] Gaurav Gupta, Sanjoy Kumar Saha, Shayok Chakraborty
and Chandan Mazumdar, “Document Frauds:
