论文信息 - Know your customer (KYC) based authentication method for financial services through the internet

Know your customer (KYC) based authentication method for financial services through the internet

Financial services through the internet are running under various threats like phishing, pharming (cyber attack intended to redirect a website's traffic to another fake site), malware, and evolving sophistication of compromise techniques. Multi-factor authentication (MFA) financial service system alleviates the risk and makes it secure. Various methods of MFA run in troubles like the authentication device lost or stolen, false sense of security (if used on login device), compromised answer of the generic question, higher implementation costs, unambiguous movement profile, calculated hash value stolen (there is no chance to replace it), etc. Compliance with Anti-Money Laundering (AML), Know Your Customer (KYC) and sanction requirements continue to be a key focus area for Financial Institutions' (FIs) management; firms must ensure that they are following appropriate compliance procedures to meet the increasing regulatory demands [1,2]. By addressing existing limitation of MFA, this paper proposes dynamic KYC based MFA authentication method to ensure the secured access of the financial services through the internet. Analysis and simulation results show that the proposed method provides control same as existing MFA/2FA techniques, but customers will get relief from holding additional security devices that incur huge cost.

[1] ゴラン，リオール,et al. System and method for risk-based authentication , 2004 .

[2] Omer F. Rana,et al. Predicting client-side attacks via behaviour analysis using honeypot data , 2011, 2011 7th International Conference on Next Generation Web Services Practices.

[3] Maria Papadaki,et al. Alternative Graphical Authentication for Online Banking Environments , 2014, HAISA.

[4] Friedrich Schneider,et al. Combating Money Laundering and Terrorist Financing , 2012 .

[5] Jenq-Shiou Leu,et al. Design of a time and location based One-Time Password authentication scheme , 2011, 2011 7th International Wireless Communications and Mobile Computing Conference.

[6] Syeda Farha Shazmeen,et al. A Practical Approach for Secure Internet Banking based on Cryptography , 2012 .

[7] A. Ibitola,et al. Internet Banking Authentication Methods in Nigeria Commercial Banks , 2013 .

[8] BOARD OF GOVERNORS,et al. TO THE OFFICER IN CHARGE OF SUPERVISION AND APPROPRIATE SUPERVISORY AND EXAMINATION STAFF AT EACH FEDERAL RESERVE BANK, AND TO BANKING ORGANIZATIONS SUPERVISED BY THE FEDERAL RESERVE SUBJECT: Interagency Guidance on Authentication in an Internet Banking Environment , 2005 .

[9] Roberto Di Pietro,et al. A two-factor mobile authentication scheme for secure financial transactions , 2005, International Conference on Mobile Business (ICMB'05).