A Cancelable Biometric Based Security Protocol for Online Banking System

Abstract

The internet revolution has brought significant benefits to humanity. Undeniably, most businesses in both the public and private sectors now provide their services online through the internet. One of the businesses that have embraced the use of the internet to provide services to their customers is the banking sector. Banks obtain competitive advantage and increased productivity through the adoption of online banking. Bank customers enjoy online banking as it provides them with anytime, anywhere banking experience. Away from the benefits is the issue of security of customer transaction data and customer privacy. Many authors have proposed various solutions to address the online banking security problem but while some focus solely on client authentication, others dwell only on security of the data transfer channels. In this paper, we propose a cancellable biometric based authentication protocol which guarantees secure mutual authentication, customer privacy and offer a secure end-to-end transmission of customer transaction data. The protocol in this paper is designed using Biohashing, a biometric template protection technique and dual cryptographic algorithm that combines Advanced Encryption Standard (AES) and Data Encryption Standard algorithms. With these, we realized strong authentication and secure transaction information exchange protocol for online banking