Cybersecurity in banking and financial sector: Security analysis of a mobile banking application

Author

Panja, Biswajit ; Fattaleh, Dennis ; Mercado, Mark ; Robinson, Adam ; Meharia, Priyanka

Author_Institution

Univ. of Michigan-Flint, Flint, MI, USA

fYear

2013

fDate

20-24 May 2013

Firstpage

397

Lastpage

403

Abstract

The goal of providing a totally secure mobile based internet banking environment continues to be a moving target exacerbated by the free and readily available flow of information on the Internet at the disposal of would be attackers. As new security measures are devised, new attack vectors are developed to thwart these measures. A trusted device segregated from the Internet and potential malware seems like a simple, straight-forward solution. With the rapid development of smart phones and the plethora of smart phone applications becoming developed, the lines between the cellular network and the internet are being blurred, rendering the phone a not-so-trusted device. In this paper we show how existing smart phone banking applications can be tampered to capture user information and password.

Keywords

Internet; banking; cellular radio; invasive software; mobile commerce; smart phones; attack vectors; capture user information; cellular network; cybersecurity; financial sector; malware seems; mobile banking application; not-so-trusted device; secure mobile based Internet banking environment; security analysis; security measures; smart phone banking applications; smart phones; straight-forward solution; Authentication; Banking; Internet; Mobile communication; Mobile handsets; Online banking; android; mobile application; security;

fLanguage

English

Publisher

ieee

Conference_Titel

Collaboration Technologies and Systems (CTS), 2013 International Conference on

Conference_Location

San Diego, CA

Print_ISBN

978-1-4673-6403-4

Type

conf

DOI

10.1109/CTS.2013.6567261

Filename

6567261