ABSTRACTIn the world of today everything is getting connected with the Internet including banking.
Online banking hasfacilitated people and banks at a large extent but it has also increased therisks.For overcoming the risks of theft many innovations have been proposed bypeople such as hand gestureRecognition in online banking,retina scan in ATMs,using graphical passwords for online banking.But even though with the success of online banking there isstill a reluctance to use it because of uncertainty and secucurity concerns.Thispaper presents a comparision of all these innovative protection proposals toprotect the customer information from fraudsters who use techniques likephising and pharming for stealing thecustomer’s confidential data.The ID can be stolen,passwords can be forgotten orcracked but the physical characteristics of a person cannot be stolen orhacked.KEYWORDS: Online banking, banking security, online security innovations.INTRODUCTIONWith the increase in use of Internet everywhere, crime hasincreased and become easier. Humans have been using hand gestures forcommunication among themselves from a very long time but now this little aspectof human nature can be beneficial in the advancing technology also.
By keepingthat in mind the idea of hand gesture recognition,graphicalpassword,fingerprint and similar methods have been proposed in online banking security. INNOVATIONSHandgestureRecognition:The hand gesture recognition uses artificial neural networkstechnology and image processing for therecognition. Image processing has already been used in many areas likewatermarking.
This technology works by five processes-Image acquisition,skin colour detection,backgroundremoval,canny edge detection and contour detection. During this process thecustomer makes a hand gesture in front of a camera, then the background of thehands is removed and the color and texture of the skin of the hands is recordedand kept in the database. If someone else tries to unlockthe account by making the same hand gesture will ring a false alarm as the skinand texture of the person will be different from the customer as texture ofskin is a unique feature. In the case of kidnappings and forced withdrawals bythe robbers the customer will make a specific hand gesture and the nearbypolice station will be alerted immediately and alarm will ring. The handgesture recognition Implementation accuracy is 95.
7% .Drawback· The hand gesture technique is an innovativeidea but it does not provide 100% secureaccess like the system scans the color of skin so some other person withsimilar skin color or texture may get access to the account .· This method could prove to be a failure in caseof identical twins if one twin with identical skin tries to access the accountof the other. The Color codetechnique:The color code technique has been proposed in 2.When theuser logs in successfully user is directed to the authentication page of colorcode authentication. The user enters three colors in a coded form which isdynamically generated by the system to the user’s authenticity. If valid ,useris redirected to the transaction page to carry out the transactions fromaccount and if not valid user is directed to the login page again.Thisauthentication process is secure as the color code is sent to the user’sregistered mobile number in encrypted form.
Even if the attacker gets to knowthe colors the portal only authenticates the encrypted code of the colors.But there is a Drawback: · in this technique as if someone steals the phoneof user or someone from user’s family who has access to that cellphone willalso be able to access the transactions which is a threat to security. There are many loop holes in the current banking system:· Hackers can use a security hole to crack thesystem of authentication.· The hackers can send any virus hidden in someform which can corrupt the data of the user’s account.
· Hackers use “keystroke capturing/logging”3 inthis any information typed by user in the system gets stored by a software thatruns in the hidden mode on the machine.The question asking method wasalso proposed for preventing these threats in this the user will be asked manyquestions about himself that have been saved at the time of registration of his account. Question answertechnique:If the user answers the questions correctly he will bedirected to an image authentication page where the user will be shown manyimages and he will have to choose one from them that can authenticate hisidentity through the chosen image.If the correct image was chosen then anOTP(one time password) will be sent to the user’s contact number.Digital Signature:Another method proposed is “digital signature”4,it is anadvanced code that is electrically transferred record .
The bank produces it ina split,it has two parts one part is given to the user and the other part iskept in the database in encrypted form.Whenever the user enters any digitalsignature it is being matched with the other part in the database and if bothmatches then only the user is provided the access. Drawbacks:· The digital signature is given in a USB stickform(a pendrive like device),many banks have implemented this method alreadybut if the USB stick gets stolen the thief may get access to the user’s accountso this method is also not that much secure.Fingerprintmatching: The method of use of fingerprint for authentication 5 isalready in implementation in many fields but not so popular in online bankingsystem right now. An optical fingerprint sensor senses the fingerprint andgives high resolution images.
A device called “password manager” has beendeveloped for the scanning purpose and it is easy to operate and inexpensive.In this five impressions of a finger is taken one by one and are compared withthe already stored fingerprint withusername in the database .If thematching score is high the password is accepted and authentication is providedto the user else redirected to login again.Drawbacks:· Any injury in the finger of the user will createproblems for him to login the account· Before the person may hack or steal the passwordof the user but now due to the need of his physical presence during login thehackers may go up to the kidnappings for hacking the user’s bank accountGraphicalPasswords:The idea of use of “graphical passwords” have also beenproposed but not yet implemented much. The graphical password authenticationsystem works by4 let user choose pictures from the given pictures in acertain order, this term is called “Graphical User Authentication”. Thepasswords of the accounts are based on pictures and the pattern in which userselects them.
For the process ofauthentication firstly images are loaded and selected images with the sequenceof selection are stored ,then the data is sent to the server and if it matcheswith the server access to the user is allowed else account gets locked after acertain amount of number of trials. This technique is user friendly, easy toremember and hard to guess so comparatively more secure than other methods. Themethod has already been implemented inbanks of USA and Scotland.Drawbacks:· The user may forget the pattern in which he hadselected the pictures earlier.· If someone hacks the system of the user andmonitors the activity while the user fills the pattern of pictures then theaccount can be accessed by the hacker also.
CONCLUSIONS:Making online banking secure is very crucial nowadays asonline banking is gaining more and more popularity.All the innovations studiedduring this research were wonderful ideas but all ideas have pros andcons.After comparing pros and cons of all these innovations I have come to aconclusion finally.After studying the different innovations so far in thesecurity of online banking, the innovation of” graphical password” is moresecure and feasible for me as compared to other innovations mentioned in thispaper.
