دانلود ترجمه مقاله کاربرد بیومتریک چند وجهی جهت بهبود امنیت اپلیکیشن های بانکداری اینترنتی – Doaj

• فهرست مطالب:

چکیده
۱ مقدمه
۲ برنامه های بانکداری آنلاین
۳ انتخاب بیومتریک های مناسب برای احراز هویت بانکداری اینترنتی
A اثرانگشت- یکی از قدیمی ترین روشهای احراز هویت
B تشخیص عنبیه
C سیستم های چند نمایی
۴ برنامه کاربردی برای ثبت نام بانکداری آنلاین
۵ نتایج

• بخشی از ترجمه:

همان گونه که می توان دید، مشخصه های بیومتریک برای برنامه های بانکداری اینترنتی مناسب بوده و از آنها برای افزایش امنیت استفاده می شود. کاربر می بایست مشخصه های بیومتریک فراهم نماید، و سیستم نیز برای پذیرش تنها بیومتریک های فراهم شده از سوی کار، بایستی انطباق پذیر باشد. اختلال فیزیکی در سیستم غیر انطباقی منجر به عدم امکان استفاده از برنامه می گردد. برای افزایش امنیت در حوزه حساسی مثل بانکداری اینترنتی، برنامه ها و تحقیقات زیاد دیگری می توان انجام داد.

• بخشی از مقاله انگلیسی:

The internet-banking concept is now part of our lives. It is easier to make transactions and to check the account status from your home than to go to a bank or to call a bank-officer. Almost all important banks are providing these kind of services to their clients. This is why the banks have to take into the account the security improvement of the authentication and signature tasks. Authentication can vary from a simple username and password (that is the weakest method) to private certificates and dynamically generated passwords (also called OTP – one time password). However, most of these methods are based on what user remembers (a password) or has (a digipass to generate an OTP). It could be easier to use something that user always possesses and that cannot be forgotten or lost. That’s why biometrics are suitable for authentication in such a sensitive domain as internet banking. Biometrics have proved that can be used in different applications, such as access control (in a building or in a car, for example), computer logon, for government applications, such as biometric passports, or for forensic purpose, such as corpse identification or criminal investigations. They are also used for airport or border security check. This proves that biometrics can be taken into account for securing the authentication in internet-banking applications. The idea of using biometrics for online banking authentication is not a new idea, but there were not deep researches in this field. One of the most interesting paper on this field is represented by [5], where is presented a comparative study in using biometrics for banking. The conclusion of this paper is that the end-user applications are not quite developed, the main interest being the use of biometrics for access control, branch banking or at ATMs. Using biometrics for internet banking is on the fourth place, with a proportion of 10% from the cases studied (121 banks from all over the world that use biometrics for various purposes). Other personal studies are presented in [1] and [3]. In the following paragraphs, we will present some important considerations on online banking applications, together with the some of the most used biometrics that are suitable for online use. On the paragraph regarding fingerprints we will present some of our researches in development of an optimal filter through convolution methods, necessary for restoring, correcting and improving fingerprints acquired from a sensor. In the end of this paper, we will present an application developed by us, which can be used in internet banking authentication. II. ONLINE BANKING APPLICATIONS Online banking (with its synonyms internet-banking, ebanking, virtual banking or private banking) stands for an application provided by banks to their customers, in order to manage their own accounts and to make payments, see or download account statements or to see or make operations related to associated credit cards. In Figure 1 it is presented a classical internet banking authentication webpage, where user has to introduce the username and a static or a dynamically-generated password (OTP). Devices called digipasses or tokens dynamically generate the OTPs (one-time passwords, valid for a short period of time, e.g. 30 sec.), based on an internal algorithm. The digipasses are associated with the user and could be opened by using a PIN (like photos 1, 2 and 4 from figure 2) or not (only by pushing a button, like the case in photo no. 3). The PIN is set at the bank office, when the user receives this device. The main problem is that this PIN can be forgotten, lost or stolen. This doesn’t happens with the biometric characteristics, that are always attached to the user. Another possibility is that, in order not to forget the PIN or username, the user will write these credentials on the device itself, leading to the possibility that a malicious people to use them in order to access the user’s account. This is one of the most important issues regarding tokens, because if the device is lost or stolen, and someone’s using credentials to access the account, then the real user can’t even know about this thing (not having anymore the device) and thus won’t announce the bank in order to block the access. Most of these devices are produced by the company VASCO and are personalized by each bank. In Figure 2 are presented 4 digipasses used by the major banks. After the successful login, the main page is opened. From this page, the authenticated user can: see a quick overview on all account, search for transactions, see the statements, make some operations, like internal transfer, payments, bill payments, foreign currency exchange or transfer, constitutes or clears a deposit, sign orders and have access to information about loans. In the figure 3 it is presented the dashboard of the internet banking application. Signing an order can be done by using the static password or an OTP.