• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Internet Banking Login with Multi-Factor Authentication

Vol. 11, No. 1, January 29, 2017
10.3837/tiis.2017.01.027, Download Paper (Free):


Internet banking is one of many services provided by financial institutions that have become very popular with an increasing trend. Due to the increased amount of usage of the service, Internet banking has become a target from adversaries. One of the points that are at risk of an attack is the login process. Therefore, it is necessary to have a security mechanism that can reduce this risk. This research designs and develops a multi-factor authentication protocol, starting from a registration system, which generates authentication factors, to an actual authentication mechanism. These factors can be categorised into two groups: short term and long term. For the authentication protocol, only three messages need to be exchanged between a client and a financial institution’s server. Many cryptographic processes are incorporated into the protocol, such as symmetric and asymmetric cryptography, a symmetric key generation process, a method for generating and verifying digital signatures. All of the authentication messages have been proved and analysed by the logic of GNY and the criteria of OWASP-AT-009. Even though there are additional factors of authentication, users do not really feel any extra load on their part, as shown by the satisfactory survey.


Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.

Cite this article

[IEEE Style]
S. Boonkrong, "Internet Banking Login with Multi-Factor Authentication," KSII Transactions on Internet and Information Systems, vol. 11, no. 1, pp. 511-535, 2017. DOI: 10.3837/tiis.2017.01.027.

[ACM Style]
Sirapat Boonkrong. 2017. Internet Banking Login with Multi-Factor Authentication. KSII Transactions on Internet and Information Systems, 11, 1, (2017), 511-535. DOI: 10.3837/tiis.2017.01.027.