Journal of Korea Society of Digital Industry and Information Management (디지털산업정보학회논문지)

Korea Society of Digital Industry and Information Management (디지털산업정보학회)
권호 표지
DOI QR코드

DOI QR Code

A Multichannel Authentication Technique In The Internet Banking System Using OTP

OTP를 이용한 인터넷뱅킹 시스템의 다중 채널 인증 기법

  • 윤승구 (숭실대학교 정보과학대학원 정보보안학과) ;
  • 박재표 (숭실대학교 정보과학대학원 정보보안학과)
  • Received : 2010.08.27
  • Accepted : 2010.10.27
  • Published : 2010.12.30
Download PDF
⟨ Previous Next ⟩

Abstract

Due to the development of the Internet, Internet banking that we are liberated from time and space has evolved into banking system. So modern life became comfortable. However, Dysfunction (malicious Information leakage and hacking etc.) of the Internet development has become a serious social problem. According to this, The need for security is rapidly growing. In this paper, we proposed the Internet Banking Authentication System using a dual-channel in OTP(One Time Password) authentication. This technology is that A user transfer transaction information to Bank through one Internet channel then bank transfer transaction information to user using the registered mobile phone or smart phone. If user confirm transaction information then bank request user's OTP value. User create OTP value and transfer to bank and bank authenticate them throgth the ARS. If authentication is pass then transaction permitted. Security assessment that the proposed system, the security requirement that the confidentiality and integrity, authentication, repudiation of all of the features provide a key length is longer than the current Internet banking systems, such as using encryption, the security provided by the Financial Supervisory Service Level 1 rating can be applied to more than confirmed.

Keywords

References

  1. 박도권, "사이버침해 위협에 관한 연구," 한양대학교 박사학위논문, 2007. 2.
  2. 이창보.김정재.박찬길.전문석, "Key 교환 기반의 RFID 상호 인증 프로토콜의 설계," 디지털산업정보학회논문지, 2000, pp.31-41.
  3. 이영교.안정희, "공인인증서를 이용한 익명 인증방법," 디지털산업정보학회논문지, 2010, pp.116-129.
  4. 김소정.임종인.오일석, "사이버범죄의 암호화된 증거 수집에 관한 연구," 한국정보보호학회논문지, 2003, pp.113-122.
  5. 금융감독원, 금융부문 암호 기술 관리 가이드, 2010.
  6. 서승형.강우진, "OTP 기술현황 및 국내 금융권 OTP 도입사례," 한국정보보호학회논문지, 2007, pp. 18-25.
  7. 국가정보원, 방송통신위원회, 2008 국가정보보호백서, 2008.
  8. N. Haller, "A One-Time Password Standard," IETF RFC 1938, 1996.
  9. A. J. Menezes, P. C. Oorschot, S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997, pp.395-397.