A Secured Two-Factor Authentication Protocol for One-Time Money Account

Credentials information stealing and online banking fraud are common problem in today's world. Two-factor authentications are used to overcome online banking frauds. But it can be easily broken by fraudster using different phishing techniques and synchronization vulnerabilities. These vulnerabilities weaken the security guarantees of smartphone based on two-factor authentication. Once authentication is broken fraudster has a direct online access of bank account with all access privileges. In this paper, we have attempted to minimize banking fraud by proposing OTM protocol for virtualization of bank account. Virtualization gives indirect and partial online access to bank account at the time of online financial transaction. OTM protocol derives virtual sub-accounts (VSA) from user bank account at the ATM machine using respective credit/debit card. Each virtual sub-account has assigned limit of maximum amount and used only one time for online banking.