Security framework for addressing the issues of trust on mobile financial services

Various value added services on mobile phones had been widely used all across the globe and have even been able to influence the adoption of mobile phones in many countries. However, there has been a high degree of reluctance among the mobile users in adapting to mobile financial services (MFS). Studies have shown the lack of trust about security and privacy of data to be a major roadblock for adoption of MFS. Given the fact that there are multiple entities including the bank, telecom operator, non-banking financial organization, technology platform provider and others involved in a MFS transaction, it becomes more difficult to generate trust about data security among the end users as well as among the entities involved. This paper is based on a study that proposes a security framework for MFS that takes into account the multi-entity environment.

[1]  Muttukrishnan Rajarajan,et al.  Security Protection on Trust Delegated Data in Public Mobile Networks , 2009, eHealth.

[2]  Günther Horn,et al.  Authentication protocols for mobile network environment value-added services , 2002, IEEE Trans. Veh. Technol..

[3]  Heiko Rossnagel,et al.  Mobile Qualified Electronic Signatures and Certification on Demand , 2004, EuroPKI.

[4]  Matti Rossi,et al.  Mobile banking services , 2004, CACM.

[5]  Muttukrishnan Rajarajan,et al.  Parameter Based Access Control Model for Mobile Handsets , 2009, ISDF.

[6]  Sang-Uk Shin,et al.  Hash Functions and the MAC Using All-or-Nothing Property , 1999, Public Key Cryptography.

[7]  Cas J. F. Cremers,et al.  The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols , 2008, CAV.

[8]  Judy Chuan-Chuan Lin,et al.  Towards an understanding of the behavioural intention to use a web site , 2000, Int. J. Inf. Manag..

[9]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[10]  Sang-Chul Lee,et al.  Determinants of behavioral intention to mobile banking , 2009, Expert Syst. Appl..

[11]  Thomas Weigold Java-Based Wireless Identity Module , 2002 .

[12]  Steven Furnell,et al.  Authentication of users on mobile telephones - A survey of attitudes and practices , 2005, Comput. Secur..

[13]  Simson L. Garfinkel,et al.  Secure Web Authentication with Mobile Phones , 2004 .

[14]  Arjen K. Lenstra,et al.  Selecting Cryptographic Key Sizes , 2000, Journal of Cryptology.

[15]  Niina Mallat,et al.  Exploring consumer adoption of mobile payments - A qualitative study , 2007, J. Strateg. Inf. Syst..

[16]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[17]  M.H.P. Kleijnen,et al.  Consumer acceptance of wireless finance , 2004 .

[18]  Stuart J. Barnes,et al.  Mobile banking: concept and potential , 2003, Int. J. Mob. Commun..

[19]  Tommi Laukkanen,et al.  Mobile banking innovators and early adopters: How they differ from other online users? , 2008 .

[20]  Teppo Halonen Authentication and Authorization in Mobile Environment , .

[21]  Pin Luarn,et al.  AIS Electronic Library (AISeL) , 2017 .

[22]  Rajanish Dass,et al.  Exploring the factors affecting the adoption of mobile financial services among the rural under-banked , 2011, ECIS.

[23]  J. Donner,et al.  Mobile banking and economic development: linking adoption, impact, and use , 2008 .

[24]  Kai Rannenberg Identity management in mobile cellular networks and related applications , 2004, Inf. Secur. Tech. Rep..