Paper Details

In the current global scenario, people have migrated from being citizens to netizens where card transactionsare most prominent at Automatic Teller Machines (ATM), Online transactions and Point of Sale(POS) terminals. Cardbreaches are also increasing that leads to many billion dollars of loss by compromising the merchant’s server to get carddetails including account number,Personal Identification Number (PIN) and Card Verification Value (CVV). At present, PINis the only factor that authenticates any transaction. Apart from that, a very few banks send One Time Password (OTP) forATM and online transactions which is not completely secure. Present systems do not have enough mechanisms to validate orcheck who initiates the transaction. This paper proposes to introduce a system in which the user’s smart phone is used tosecure card transactions by combining 3 way authentication and 2 factor authentication. Firstly, it checks the card holder’sbiometric viz., Finger print while a transaction is initiated. Secondly, OTP is neither sent nor received but it is autogenerated in the user’s smart phone which sends a trigger to the bank server that generates the same random number. Thissystem proposes to use a secure OTP generator algorithm that uses combinedSecure Hash Algorithm 1(SHA1), Hash BasedMethod Authentication Code (HMAC) HMAC-SHA256 and HMAC-MD5. The user enters the OTP after entering the PIN andit gets validated that the authorized person is the one who has initiated the transaction. Thus, reasonably securing a cardtransaction as it mandates the presence of the card holder for every transaction to be authenticated.

Yoga Lakshmi.P, “METHODTO SECURE CRITICAL TRANSCATIONS: COMBINNING THREE WAY & TWO FACTOR AUTHENTICATION”, International Journal of Advance Engineering and Research Development (IJAERD), Vol. 6, Issue 7, pp. 116-124, July 2019.