Authors :
Binitie; Amaka Patience; Anujeonye; Nneamaka Christiana; Ezzeh; Peace Oguguo
Volume/Issue :
Volume 7 - 2022, Issue 12 - December
Google Scholar :
https://bit.ly/3IIfn9N
DOI :
https://doi.org/10.5281/zenodo.7490754
Abstract :
Security of users’ data is of high importance,
especially when the data has to do with personal details
like health status, financial details and others. For
financial details, it is important that details of customers
like authentication data is secured by the financial
institutions. This will boost the confidence of customers.
Financial institutions uses various electronic means to
serve their customers which requires additional security.
Unstructured supplementary service data (USSD) is one
of the technologies that banks use to provide electronic
banking services to their customers at all locations. This
technology is so common because it built in all GSM
mobile phones. Despite its strong security features,
user’s data at mobile interface appears in plain text. This
exposes user’s data to shoulder surfing attack. The
research therefore reviewed existing methods that can
provide security against shoulder surfing attack and it
was discovered that these methods cannot be
implemented in USSD channel. This is because USSD
channel conveys data in plaintext only, but some of the
data contained by these method are images and colors.
Also they are third party applications and cannot be
accommodate by feature phones. This research,
therefore, designed a new authentication model called
“Transcare” to resist shoulder surfing attack during
USSD transaction. In this model, challenge response
approach is adopted to provide a secure authentication
data entry method in the presence of human shoulder
surfer, using Bag of Soft Biometrics (BoSB) details and
one time password (OTP) during user authentication.
Security of users’ data is of high importance,
especially when the data has to do with personal details
like health status, financial details and others. For
financial details, it is important that details of customers
like authentication data is secured by the financial
institutions. This will boost the confidence of customers.
Financial institutions uses various electronic means to
serve their customers which requires additional security.
Unstructured supplementary service data (USSD) is one
of the technologies that banks use to provide electronic
banking services to their customers at all locations. This
technology is so common because it built in all GSM
mobile phones. Despite its strong security features,
user’s data at mobile interface appears in plain text. This
exposes user’s data to shoulder surfing attack. The
research therefore reviewed existing methods that can
provide security against shoulder surfing attack and it
was discovered that these methods cannot be
implemented in USSD channel. This is because USSD
channel conveys data in plaintext only, but some of the
data contained by these method are images and colors.
Also they are third party applications and cannot be
accommodate by feature phones. This research,
therefore, designed a new authentication model called
“Transcare” to resist shoulder surfing attack during
USSD transaction. In this model, challenge response
approach is adopted to provide a secure authentication
data entry method in the presence of human shoulder
surfer, using Bag of Soft Biometrics (BoSB) details and
one time password (OTP) during user authentication.
