Secure Multi-Purpose Mobile-Banking Using Elliptic Curve Cryptography

Mobile technology and its applications now a day are considered to be a key note in banking sector. This has become possible due to mobile phone based suitable banking solution with multi-purpose transaction facilities. A number of banks are already offering mobile-banking service to their users, however, the usability of such service is limited by slow progress in adoptability, security dependency, partial capabilities (limited to balance enquiry and money transfer), and finally by overall efficiency issues. In this paper, we have presented a new ECC (elliptic curve cryptography) based mobile-banking application tool called m-BAT that runs in client-server environment, in which a user can connect to a bank server through a lightweight client tool running in the user's mobile phone. The proposed m-BAT not only fulfills the above limitations of existing mobile-banking schemes, but also supports cost-effective solution for mobile handsets. In addition, the scheme includes a secure cash-deposit and withdrawal mechanism implementable through nearby kiosks. A number of related security attacks on the proposed scheme are analyzed and are found to be well defended. Owing to ECC, different parameters with less bit-size are sufficient for such protection. Finally, the comparison of security features and performance efficiency of the proposed scheme are compared with other existing mobile-banking systems and better results are found.