A system for biometric authentication in online banking
Online banking is under attack by cyber criminals using methods such as phishing, spoofing, and man-in-the-middle attacks. The proposed system uses a biometrically secured USB stick, provided to the client by the banking institution, that contains the client's fingerprint, a unique key S, a limited web browser and other information. To log on, the client allows his or her fingerprint to be read by the USB stick, and access is granted if the print matches the one previously stored on the USB stick. The browser on the USB stick is then activated, taking the client to the bank's real online banking web page. Every transaction is then secured by means of randomly generated session keys using the shared key S, the transaction information and other information. This system prevents many of the currently known malicious attacks.
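The per-transaction step described above, as an added example that is not taken from the paper: a session key is derived from the shared key S, a fresh random value and the transaction details, so a transaction altered in transit or replayed no longer verifies at the bank. The abstract does not say how the keys are derived; the HMAC-SHA256 construction, the nonce, the message fields, the account numbers and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets

def canonical(txn: dict) -> bytes:
    # Stable byte encoding so client and bank authenticate identical input.
    return json.dumps(txn, sort_keys=True, separators=(",", ":")).encode()

def session_key(S: bytes, nonce: bytes, txn: dict) -> bytes:
    # Assumed derivation: HMAC-SHA256 keyed with S over a 16-byte nonce and the transaction.
    return hmac.new(S, b"session-key|" + nonce + canonical(txn), hashlib.sha256).digest()

def tag_for(key: bytes, txn: dict) -> str:
    return hmac.new(key, b"authorize|" + canonical(txn), hashlib.sha256).hexdigest()

def client_authorize(S: bytes, txn: dict) -> dict:
    # Runs on the USB stick after the fingerprint match (hypothetical message layout).
    nonce = secrets.token_bytes(16)  # the random input that makes every session key unique
    return {"txn": txn, "nonce": nonce.hex(), "tag": tag_for(session_key(S, nonce, txn), txn)}

class Bank:
    def __init__(self, S: bytes):
        self.S = S
        self.seen = set()  # nonces already accepted, to refuse replays

    def verify(self, msg: dict) -> str:
        nonce = bytes.fromhex(msg["nonce"])
        expected = tag_for(session_key(self.S, nonce, msg["txn"]), msg["txn"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected"  # transaction or tag was modified in transit
        if nonce in self.seen:
            return "replay"    # valid message, but already processed once
        self.seen.add(nonce)
        return "accepted"

def demo() -> list:
    S = secrets.token_bytes(32)  # constructed shared key, provisioned on stick and at bank
    bank = Bank(S)
    txn = {"from": "ACC-1001", "to": "ACC-2002", "amount": "150.00", "currency": "EUR"}
    msg = client_authorize(S, txn)
    # A man-in-the-middle rewrites the payee but cannot recompute the tag without S.
    tampered = {**msg, "txn": {**txn, "to": "ACC-9999"}}
    return [bank.verify(tampered), bank.verify(msg), bank.verify(msg)]

if __name__ == "__main__":
    print(demo())
```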