An Investigation into Authentication Security of GSM algorithm for Mobile Banking

Text sample: Chapter 2.2, Mobile Banking and security: Definitely, the mobile banking has become greatly important nowadays, because it is faster and easier to be used and it saves time. However, security is a big challenge to this system because hackers form the most dangerous threat to this system. They can steal data and damage the system. Such issues were discussed by different writers in an attempt to identify security problems in banking application and to suggest remedial means to these problems. To begin with, Amir Herzberg (2003) (?2) has discussed some challenging issues related directly to secure payments in the banking transaction process. He provides a modular architecture which supports the security when the transactions start from the bank to the users. In addition, his architecture consisted of three important independent processes. In the first one, the device could identify the user from his card, password or from the information that was stored in the database of the system. The second process was authentication which was considered as the most important process because it could identify the user on the network of the mobile banking. Also, it supported the security in this system; the mobile authenticates the transaction request through either subscriber identification or through the cryptographic mechanism labelled as public or private key. The third process was the secure performance, which depended on the by the mobile transaction quality provided to the user. Nonetheless, these processes do not provide good secure implementation to the mobile banking transaction; therefore they cannot be taken as reliable and trustworthy. According to Chou et al (2010) (?47) the mobile banking payment architecture connected up the provided operator service provides and banking institution. He went on to say that the architecture permitted mobile consumers to buy services using the SMS and WAP. Therefore this architecture just provides an alternative payment idea but does not offer a clear picture concerning the process service delivery. Elliott et al (2010) (?14), however, established a payment system which used brands restrictive blinding signature to the mobile devices which could offer a multi-party security. As for Buchana et al (?6), he combined the SET protocol and the TLS/WTLS protocol to enhance security services over the WAP 1.X for the payment in the m-commerce Kungisdan et al (?0) on the other hand, suggested a payment protocol which provided a good measure of security. It is to be admitted here that this protocol meets the transaction security pre requisites using the public key based on payment protocols like the SET and the IKP. Laforet (2006) (?27) thought that mobile Internet banking is slowly increasing in China .At that year, there was only 33 % using online banking and 14% using mobile banking. Whereas, Howecroft et, (2005) (?28) reported that younger consumers used mobile banking more than older consumers. Skmm (2005) (?30) considered mobile phone as a good communication tool for the users to do their banking work in short time and from anywhere and at any time.