This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
The use of mobile phones is expanding rapidly both within business and individually. They are now Essential tools that offer competitive business advantages in today's world .The technology advancement has made it possible to embed more facilities in mobile phones .Secure cash transaction is of serious concern in today's growing use of cash cards and internet transactions. Cash withdrawal cards, chips and pin facility are one of the facilities which have increasingly been used. However there has been a limited research focus on security and flexibility of using ATM cards. This paper will introduce the concept of development of a system that will allow users to use their mobile phones for secured ATM card transaction. To maximize ATM's effectiveness and profitability, card users must feel safe and the ATM's vault must be secure from theft. If the card is lost; there is a chance of malfunction. To overcome this we are proposing a new method in this project. This paper presents the architecture for mobile security application using Global System for Mobile Communication, commonly called as GSM.
Index Terms: 1. Secure M-Cash Withdrawal.
2. Automatic Teller Machine.
There has been a growing use of Global System for Mobile Communication (GSM) in different business environments. A typical example includes the usage of mobile phones by everyone. The main advantage of GSM to businesses is providing lower bit rate voice coding enabling for more Users getting the service simultaneously. New Services like SMS are also introduced; providing good customer service; cost reduction and flexibility. In this paper this technology has been used in a new application called Secured ATM Transaction, a system whereby a mobile phone is equipped with GSM. The mobile will interact with an ATM machine which is equipped with GSM modem and a banking system. The process of interaction will be utilized using the physical browsing phenomenon. The main purpose of interacting via mobile phones is to improve the security of transactions.
GSM - is a digital cellular phone technology that uses narrowband TDMA; which allows eight simultaneous calls on the same radio frequency. The application of physical selection/browsing method used in mobile phones can be categorized in to three forms: mainly touching, scanning and validating. This paper is mainly concerned with scanning and validating. Scanning is seen in the case of password matching mechanism, in an ATM machine. Validating is used as a way of sending the required information between the mobile devices as well as receiving the acceptance message needed for authentication.
In the proposed Secured ATM transaction, the following variables are needed: a mobile phone with ISO standard and, a cash machine with transmitter and receiver and a banking system that deals with other operations. Each of these components will be examined. Most importantly, security issues that have been raised and other critical future security threats are addressed accordingly.
Mobile devices offer potential means of making use of various technologies that will result in a more flexible and efficient way of delivering services to customers. Considering the formula/hypothesis below:
SMS - Short Message Service is a communication service standardized in GSM mobile communication system using standard communications
Mobile + GPRS = many possibilities
Or replacing GPRS with the technology you get
Mobile + Technology = many possibilities
Hence, from the hypothesis above, it can be deduced that there are many other application that can be realized - time and technology permitting. To achieve various functionality and make good use of mobile devices; so that people can keep them and utilize their potentials.
The physical browsing phenomenon in mobile phones has been used in many applications such as M- Wallet. Mobile payment , other systems such as SMS picture synchronization and booking items in library applications has also been implemented by making use of the touch - me paradigm. Other applications include: purchase of goods at vending machine, topping up phone at ATM machine and M- Banking from Citibank portal".
In the UK, people have started to benefit from the developments of contactless payment embedded into mobile phones. Most popularly the Nokia phones have been equipped with similar technology used in Oyster cards. This allows customers to make payment by swapping their phone on special terminals as well as against special posters which can present users with useful local information such as maps. The spending power of the phones is limited to a credit of £200 and a maximum payment per transaction of £10. Also recent development in the banking industry adopts the technology of contactless communication with new contactless Barclaycard been introduced. The card combines chip-and-pin with the oyster travel card methodology. The card is considered secure as it cannot be cloned or counterfeited. It is important to point out that this new methodology has done little to address the rising concerns of card fraud, the current card in use can be cancelled when get lost or stolen, same applies to the new one, for the cards not to be usable for contactless payment but for other methods of payment after being reported lost seems not convincing enough, on the other hand it even makes this worst in the sense that, a stolen card can be easily used without making the criminal find any means of identifying i.e. the pin or any other information.
This research proposes a novel framework to reduce the problem of insecure cash transactions.
In Secured ATM card transaction , the methodology involves both software and hardware platforms. In addition to the design considers the possibility of using a commercial environment to evaluate the use of such technology.
Fig. 1 demonstrates how the proposed design and system interacts with both hardware and software components of Secure M-cash Withdrawal. It consists of a two-way handshake between mobile phone and the ATM machine as well as between the ATM machine and the Banking system. After successful handshake the ATM machine will dispense the required cash for the customer and accounting information is updated automatically. After swapping the ATM card and entering the password the mobile phone will receive an alert message from the GSM device connected to the ATM machine. That is the ATM machine(s) which is equipped with a secure GSM modem.
FIGURE 1. Proposed Design
The basic functionality of the Tag manager is to provide an interface for mobile users, to allow multiple applications from different vendors. The TAG READER is also known as the MOBILE USERS .A detailed description of the requirement and design for a phone located middleware component called Tag Manager. In order to implement tags that will work without the requirement of any network connection, where bandwidth and network connectivity become a problem this feature is of paramount importance. The Tag Manager can be implemented as a Server, Fig 2, which is loaded into the mobile user when the process is initialized. The interface can be either via the tag reader interface on the phone, using the mobile phone interface with some added functionality or designing a new interface to handle Secure M-Transactions.
Fig 3 describes the components that facilitate the interaction between the mobile phone/device, and the cash machine. The architecture is designed in a flexible way that will enable the use of C language for coding and the use of MPLAB IDE for simulating.
The second approach will require making use of downloadable applications such as IC PROG applications that are based on Mobile Information Device Profile (MIDP).
FIGURE 2: Tag Manager Interface
FIGURE 3: The Architecture of Secure M-Cash.
Most mobile phones are equipped with various network interfaces such as WLAN, Bluetooth, GSM, GPRS or UMTS. The framework is designed be meet the characteristics of MANETs and context-awareness in such a way that the user will be able to choose the network that provides high data transfer rates, secure data transaction and is cost effective. This process will be achieved through the use of software wrappers that will enable selection and identification of available communication channels based on the location of the device in an ad-hoc manner. In which authentication process can be verified before allowing access to the network itself. In this case security will be better monitored and control.
The application will use all possible available networks. However, it is more preferable if the user will not pay for any network usage or traffic. In this case proposed, the possibility of making use of existing mobile networks like GPRS or UMTS is provided. This enables some elements of user-centricity and allows privacy control and settings.
The Bank (s) should have a dedicated private network for this service. The required information regarding network availability will be provided by the near field network or by the preconfigured Banking network within the application itself. If a near field network is used, there is a need to have some mechanisms that will handle the configuration between available networks around a given geographical area as near filed networks will be out of range.
The Secure M-Application deals with the information transfer and financial transactions. Hence, the security elements considered during the design and implementation stage consists of making sure that the GSM modem used are in compliance ISO standards. It determines who is allowed to enter your network and hiding the information from hackers who may try to intercept information during transmission. However because the Secure M-Application is more susceptible to security threats , the design incorporates other security measures such as making use of Biometric data, as a further authentication layer.
Any of the Biometric information can be used in identifying users, by making use of individual anatomy. Hence, the data will be used as a unique personal attribute for security and authentication purposes. Since the focus of this paper is not on analyzing biometrics as a means of authentication. Fig. 4 describe the process of authentication using both password/pin system and biometric data. Both authentication factors are needed to match the stored once before allowing access to transactions else authentication will be automatically denied. This process will be able to reduce the effects of brute force attack, as millions of combinations need to be tried before gaining access .This should prevent such attacks from occurring. Also it is important to point out that a single sign-on process will improve the reliability of identity management and access control. Having this application as the security measure, the Secure M-Cash Withdrawal will be able to provide an excellent wireless identity management that will remove the current risk of identity theft and meet the required security standard of implementing the secure M-cash withdrawal and other M-applications.
This paper presents a novel architecture that can be used as a means of interaction between mobile phone, ATM machine and a Banking application for the purpose of withdrawing cash. The proposed design; the secure M-cash withdrawal allows the use of mobile phones as a tool of interaction and provide flexibility e. The first part of the architecture is the process of being implemented and all the process involved has been analyzed and justified where possible. The Secure M- cash has examined the possibility of making use of GSM for other applications and already there are some applications that have adapted this strategy. The Secure M-Cash Withdrawal architecture has been defined, it will form as a foundation for future work within this area, which includes implementing a PC based simulation of the architecture and implementing the system.