• No results found

NETWORK SECURITY IN E-BANKING

N/A
N/A
Info
Download
Protected

Academic year: 2020

Share "NETWORK SECURITY IN E-BANKING"

Copied!
8
0
0

Loading.... (view fulltext now)

Download now ( 8 Page )

Full text

(1)

20 INTERNATIONAL JOURNAL OF ADVANCES IN ENGINEERING RESEARCH

NETWORK SECURITY IN E-BANKING

1

KONAKALLA.SWATHI,2RESHMY

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING SAVEETHA SCHOOL OF ENGINEERING,CHENNAI

Email:[email protected]

ABSTRACT

E- bankingis an electronic payment system that enables customers of a financial institution to conduct financial transactions on a website operated by the institution, such as a retail bank, virtual bank, credit union or building society. In this paper we are going to discuss how to provide security for e-banking.Usually there the eight basic tips in securing. We are going to discuss elaborately about each tip in this paper. The electronic banking system addresses several emerging trends: customers’ demand for anytime, anywhere service, product time-to-market imperatives and increasingly complex back-office integration challenges. The challenges that oppose electronic banking are the concerns of security and privacy of information . The current focus of security of information transfer is on the session layer protocols and the flaws in end-to-end computing.

The solutions to the security issues require the use of software-based systems or hardware-based systems or a hybrid of the two. These software-based solutions involve the use of encryption algorithms, private and public keys, and digital signatures to form software packets known as Secure Electronic Transaction used by Mastercard and Pretty Good Privacy. Hardware-based solutions such as the Smartcard and the MeChip provide better protection for the confidentiality of personal information.

INTRODUCTION

(2)

21 INTERNATIONAL JOURNAL OF ADVANCES IN ENGINEERING RESEARCH What is Network Security?

Network security is also diagrammatic as a result of the hassle to form a secure computing platform, designed therefore agents (users or programs) cannot perform actions that they\'re not allowed to perform, but can perform the actions that they\'re allowed to. Network Security systems insure the integrity of the system by protecting from hackers creating an effort to urge into the system and by proscribing access among the system to individuals specific needs

8 Basic steps in securing:

1. Opt for associate degree account with 2 issue authentication

Try to get a checking account that gives some type of 2 issue authentication for on-line banking.These days several, however not all, banks provide alittle device which will be accustomed generate a novel code anytime you log in. This code is simply valid for a really short period of your time and is required additionally to your login credentials so as to realize access to your online account.

2. Produce a robust countersign

If your bank needs a user-generated countersign so as to access on-line accounts certify you select one that's robust. the simplest thanks to attain this is often by creating it long and a combination of higher and minuscule letters, numbers, and special characters.Always avoid mistreatment any common words or phrases and ne'er produce a countersign that contain your name, initials, or your date of birth. If your bank permits it, change your password every few months.

When fitting online banking, if your bank asks you to give answers to some commonplace security queries keep in mind that the answer you offer does not have to be the real one.So you do not have to be compelled to answer "Thumper" to the name of your 1st pet - build it one thing else, as if it was a countersign. Use a countersign manager if you area unit involved regarding however to keep in mind everything!

3. Secure your pc and keep it up-to-date

Security package is crucial of late, no matter what you utilize your pc for.As a minimum, certify you've got a firewall turned on and area unit running antivirus package. this can make sure you area unit protected against Trojans, keyloggers and alternative kinds of malware that might be accustomed gain access to your money information.

(3)

22 INTERNATIONAL JOURNAL OF ADVANCES IN ENGINEERING RESEARCH 4. Avoid clicking through emails

No financial organisation price their salt can send you AN email asking you to supply any of your login details.If you receive AN email that seems to be from your bank that asks for such details then treat it with suspicion because it could be a phishing arrange to trick you into handing your credentials over.

Phishing. Image courtesy of Shutterstock.Likewise, be aware of links in emails that seem to be from your bank – this is a trick typically utilized by the dangerous guys to get you onto a web site that appearance like your bank. once you log in to 'your account' they can steal your username and arcanum and, ultimately, your cash.It is always safer to access your online checking account by typing the address into your browser directly.

Also, remember of uninvited phone calls that purport to be from your bank. whereas your money establishment could need you to answer a security question, they must ne'er evoke passwords or PINs (they could evoke sure letters or numbers from them, however ne'er the complete thing).If unsure, do not be afraid to droop up and then decision your bank back via a phonephone variety that you have severally confirmed as being valid.

5. Access your accounts from a secure location

It's always best follow to attach to your bank exploitation computers and networks you recognize and trust.But if you need to access your bank online from remote locations you might want to set up a VPN (Virtual Private Network) so that you can establish an encrypted connection to your home or work network and access your bank from there.

Look for alittle padlock icon somewhere on your browser and check the address bar – the URL of the positioning you're on should begin with 'https'. each act as confirmation that you just ar accessing your account over AN encrypted association.

6. Perpetually log off once you ar done

It is smart follow to perpetually log off of your on-line banking session once you have finished your business. This can reduce the possibilities of falling prey to session hijacking and cross-site scripting exploits.You could additionally need to set up the further precaution of non-public browsing on your pc or good phone, and set your browser to clear its cache at the top of every session.

7. Discovered account notifications (if available)

(4)

23 INTERNATIONAL JOURNAL OF ADVANCES IN ENGINEERING RESEARCH matches or exceeds a specific quantity or the account balance dips below a sure purpose then a message can be sent.Such alerts may provide fast notice of suspicious activity on your account.

8. Monitor your accounts frequently

Gold coins. Image courtesy of Shutterstock.It should go without saying that monitoring the your financial statement monthly is nice practice as any unauthorised transactions are going to be guaranteed to appear there.

But why wait a whole month to discover a discrepancy? With on-line banking you have access 24/7 therefore take advantage of that and check your account on a regular basis. examine every transaction since you last logged in and, if you see any anomalies, contact your bank straight off.

SECURE ELECTRONIC TRANSACTION

Secure Electronic dealings (SET) was a protocol normal for securing master card transactions over insecure networks, specifically, the web. SET wasn't itself a payment system, however rather a collection of security protocols and formats that enabled users to use the prevailing master card payment infrastructure on an open network in a very secure fashion. However, it did not gain attraction within the market.

Summary of SET Protocol:

Secure payment systems are crucial to the success of E-commerce. There are four essential security necessities for safe electronic payments (Authentication, Encryption, Integrity

and Non-repudiation). secret writing is that the key security schemes adopted for electronic

(5)

24 INTERNATIONAL JOURNAL OF ADVANCES IN ENGINEERING RESEARCH Overview:

Secure Electronic Transactions (SET) depends on the science of cryptography – the encoding and coding messages. There ar 2 primary secret writing strategies in use today: secret-key cryptography and public-secret-key cryptography. Secret-secret-key cryptography is impractical for exchanging messages with an oversized cluster of previously unknown correspondents over a public network. For a merchandiser to conduct transactions firmly with legion subscribers, every client would need a definite key allotted by that merchandiser and transmitted over a separate secure channel. However, by exploitation public-key cryptography, that very same merchandiser could produce a public/private key try and publish the general public key, permitting any consumer to send a secure message thereto merchandiser. this can be why SET uses both strategies in its secret writing method. The secret-key cryptography utilized in SET is that the well-known encoding normal (DES), that is employed by financial establishments to cypher PINs (personal identification numbers). And the public-key cryptography utilized in SET is RSA. within the following section, the usage of cruciform (secret-key) and uneven (public-key) key secret writing in SET can be mentioned.

Use of symmetric Key:

In SET, message information is encrypted employing a every which way generated cruciform key(a DES 56-bit key). This key, in turn, is encrypted exploitation the message recipient’s public key (RSA). The result's the therefore referred to as “digital envelope” of the message. This combines the secret writing speed of DES with the key management advantages of RSA public-key secret writing. once secret writing, the envelope and also the encrypted message itself are sent to the recipient. once receiving the encrypted data, the recipient decrypts the digital envelope initial exploitation his or her personal key to obtain the every which way generated key so uses the symmetric key to unlock the first message. This level of secret writing, using DES, is simply cracked exploitation fashionable hardware. In 1993, a brute-force DES cracking machine was designed by Michael Wiener – one that was massively parallel. For fewer than 1,000,000 dollars, a 56-bit DES key might be cracked in average time of three.5 hours. For a billion bucks, a parallel machine is made that cracks 56-bit DES in an exceedingly second (Schneier, 1996). Obviously, this can be of nice concern since DES encrypts the majority of a group group action.

Use of asymmetric Key – Digital Signature (Message Digests):

(6)

25 INTERNATIONAL JOURNAL OF ADVANCES IN ENGINEERING RESEARCH possesses 2 uneven key pairs: a “key exchange” try, that is employed within the method of section key encryption and decipherment, and a “signature” try for the creation and verification of digital signatures (160-bit message digests). The formula is such ever-changing one bit within the message can amendment, on average, half the bits within the message digest. close to, the

chance of two messages having an equivalent message digest is one in

1,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000, which means it's

computationally impossible to get 2 totally different messages that have an equivalent message digest.

Dual Signatures:

(7)

26 INTERNATIONAL JOURNAL OF ADVANCES IN ENGINEERING RESEARCH SET Certificate Hierarchy:

CONCLUSION

(8)

27 INTERNATIONAL JOURNAL OF ADVANCES IN ENGINEERING RESEARCH

REFERENCES

[1] SetCo.SET Secure Electronic Transaction Specification: Business Description, May 1997.

http://www.setco.org/set_specifications.html

[2] Enabling technologies: SET in action http://sellitontheweb.com/ezine/tech31.shtml

[3] The SET Standard Book 1 Business Description

References

Download now ( PDF - 8 Page - 453.96 KB )

Related documents

If You Paid Overdraft Fees to Bank of America,

If the Court approves the Settlement and it becomes final and effective, all identifiable Settlement Class Members who remain in the Settlement Class will automatically get a

Nano Energy Harvesting with Plasmonic Nano-Antennas: A review of MID-IR Rectenna and Application

Schottky barrier diodes where electron moves across the barrier by a thermal activation and MIM (metal-insulator-metal) and MIIM (metal-insulator- insulator-metal)

Funded to Your Bank $23,736.93

Service Charges - Also known as Discount Rate; the amounts charged to authorize, process and settle card transactions. Service Charges are dependent on your Merchant Service

Helping to Protect You and Your Toys!

 Most homeowners insurance policies do not offer liability coverage or property damage protection when the boat is used off of the customers property.... • The

Confident living. Managing your money. Confident living series: Managing your money

If you don’t have a bank account or have always done your banking in a particular way, it might be worth considering whether or not you could get more from your current bank or

Fraud Protection, You and Your Bank

any business which accepts credit, debit, or prepaid card payments to comply with the Payment Card Industry Data Security Standard (PCI DSS).  The PCI DSS is a global standard

ONEUNITED ONLINE BANKING WITH BILL PAYMENT AGREEMENT AND DISCLOSURE JANUARY 2015

For example, when you use online banking to access your OneUnited Bank checking account, you do so under the terms and conditions you agreed to in the OneUnited Bank Personal

Do you need to... Do you need to...

Email filtering is a process of monitoring incoming email and then taking the appropriate action to protect against Spam and viruses. Certain criteria are set to determine if an