IDL - International Digital Library Of Technology & Research Volume 1, Issue 5, May 2017
Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017
Automated E-Pin Generator in Banking Sector Mrs. Kavya N 1, Mr. Girish 2 Department of Information Science & Engineering 1 MTech, Student - NIE, Mysuru, India 2 Guide & Associate Professor - NIE, Mysuru, India
Abstract: For the purpose of saving and securing money, to get loans, employers to get wages, to pay bill online, etc., every human being require a bank account. Either it can be savings account or checking account, each one has its own functionalities. In earlier days the person needs to go for bank for account opening or any other transactions, but now through online any functionality can be handled. If a user can able to access the privileges of bank he must have an account. So the initial step of banking is account opening. To open an account in any bank it undergoes several steps. First the user walk in to any bank or he can visit to any bank website then he needs pick up an account opening application and then has to fill his valid personal details in the application, mention the type of account he is going to open and finally provide nominee for his account. After all these process a unique account number is provided to user in a couple of days. Our project is implemented based on the banking system which is going to resolve the delay in providing an account number by the bank that takes a couple of days to process. To avoid this delay we are implementing a banking application that will process the user application day by day with a short period of time the user will get his bank account number more efficiently.
INTRODUCTION The old manual process in banking is not sufficient for remote application, we are finding technology to reduce man work and paper to creating personal account through online with credential verification
IDL - International Digital Library
1|P a g e
done by banking. Here we are applying IdentityBased Encryption dramatically simplifies the process of securing sensitive communications, this encryption securely generate key according to user or register mail id. A trusted third party, called the Private Key Generator (PKG), generates the corresponding private keys. To operate, the PKG first publishes a master public key, and retains the corresponding master private key (referred to as master key). Given the master public key, any party can compute a public key corresponding to the identity ID by combining the master public key with the identity value. To obtain a corresponding private key, the party authorized to use the identity ID contacts the PKG, which uses the master private key to generate the private key for identity ID. Users encrypt messages (or verify signatures) with no prior distribution of keys between individual participants. This is extremely useful in cases where pre-distribution of authenticated keys is inconvenient or infeasible due to technical restraints. However, to decrypt or sign messages, the authorized user must obtain the appropriate private key from the PKG. A caveat of this approach is that the PKG must be highly trusted, as it is capable of generating any user's private key and may therefore decrypt (or sign) messages without authorization. Because any user's private key can be generated through the use of the third party's secret, this system has inherent key escrow. A number of variant systems have been proposed which remove the escrow including certificate-based encryption, secure key issuing cryptography and certificate less cryptography. One of the major advantages of any identity-based encryption scheme is that if there are
Copyright@IDL-2017
IDL - International Digital Library Of Technology & Research Volume 1, Issue 5, May 2017
Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017 only a finite number of users, after all users have been issued with keys the third party's secret can be destroyed. This can take place because this system assumes that, once issued; keys are always valid (as this basic system lacks a method of key revocation). The majority of derivatives of this system which have key revocation lose this advantage.
OBJECTIVES One of the major advantages of any identity-based encryption scheme is that if there are only a finite number of users, after all users have been issued with keys the third party's secret can be destroyed. This can take place because this system assumes that, once issued; keys are always valid (as this basic system lacks a method of key revocation). The majority of derivatives of this system which have key revocation lose this advantage. Currently if any person needs to create bank account, he has to enroll in the bank/internet, details will be verified and then account will be created. After account creation the PIN and Internet Banking credentials will be shared through post, which will take couple of days. In our project we are introducing automated banking where user can fill form online to create account. Once in a day (usually end of the day) concerned officer will verify the details provided by the user. Once verification is done, the automated system will send E-Pin to the registered user through mail using IBE algorithm which is safe and user will be happy as the account is created and all the credentials are shared on the same day. IBEIdentity based Encryption uses identity as the key for encryption, in our case we can use email-Id as the identity and extra safety measures can be taken by having OTP through registered mobile etc. which will increase the security of the system. . A number of variant systems have been proposed which remove the escrow including certificate-based encryption, secure key issuing cryptography and certificate less cryptography. One of the major advantages of any identity-based encryption scheme is that if there are only a finite number of users, after all users have been issued with keys the third party secret can be destroyed.
IDL - International Digital Library
2|P a g e
Moreover, as public keys are derived from identifiers, IBE eliminates the need for a public key distribution infrastructure. The authenticity of the public keys is guaranteed implicitly as long as the transport of the private keys to the corresponding user is kept secure (Authenticity, Integrity, Confidentiality). Automatic mail authentication is highly recommended for every mail sender to ensure that your messages are correctly classified. Authentication by itself is not enough to guarantee your messages can be delivered, as spammers can also authenticate mail. Gmail combines user reports and other signals, with authentication information, when classifying messages. Similarly, the fact that a message is unauthenticated isnâ€&#x;t enough to classify it as spam, because some senders donâ€&#x;t authenticate their mail or because authentication breaks in some cases. Our project introducing secured key generation based on email authentication, you can use authentication data to verify the source of any message that you receive. First, the user or new register person register his information throw bank website, the registration website requires some mandatory information throw registered side. After user registration data will stored successfully into bank data bases. Here we are used open source mysql database for storing user information. After registration Google mail server verified mail and send message to user mail. This process is automatically done throw banking side. After new user registration manager or bank employee may look all new user profile for verification. Manager or respected bank employee verified by credential or information and he may provide access for successful registration or he may reject the form by finding faults. Second the respected bank person finally verified and approved for new request. Here he follow.. 1. Approved ( If user request can be verified successfully ) 2. Pending ( Still require permission to approved by higher authorized person in bank) 3. Reject ( Request rejected by invalid information )
Copyright@IDL-2017
IDL - International Digital Library Of Technology & Research Volume 1, Issue 5, May 2017
Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017 In approved stage, user request is valid and employee successfully verified by authorized employee, this stage only activated when all information from user side can be only valid. Mainly this stage generate two different key one is „Public Key‟ and „Private Key‟, Private key generate by authorization person using identity based encryption, Private Key generated by new user mail id using identity based encryption. Algorithm Used: Step 1: Public Key Generation PuKG(name, rand(K)) Step 2: Select Random R(PKG), Calculate a set(PKG, R) Step 3: Private Key Generation PrKG(mail id) Calculate a set int key=(read char(mail)) Concate( key, char mail id ), Continue Step 3 till end of mail id character Step 4: Generate Secrete key(PuKG, PrKG) In pending stage, if bank employee need higher level authorized person permission to approver request, he can put new request to pending stage, after pending stage this request information sent to higher level for approved new registration process. After this process again back to approve stage for verification. In rejection stage, if new user data is invalid or he may not specified valid information then only the respected bank person can be able to reject this new request. The bank employee may specify comments for rejecting application, this comments will transfer to new user mail. If bank employee needs more information from new user or he can mention valid data from new user throw mail only.
METHODOLOGY System Design: Design is a creative process; a good design is the key to effective system. The system “Design” is defined as “The process of applying various techniques and principles for the purpose of defining a process or a system in sufficient detail to permit its physical realization”. Various design features are followed to develop the system. The design specification describes the features of the
IDL - International Digital Library
3|P a g e
system, the components or elements of the system and their appearance to end-users.
4.1 Fundamental Design Concepts A set of fundamental design concepts has evolved over the past three decades. Although the degree of interest in each concept has varied over the years, each has stood the test of time. Each provides the software designer with a foundation from which more sophisticated design methods can be applied. The fundamental design concepts provide the necessary framework for “getting it right”. The fundamental design concepts such as abstraction, refinement, modularity, software architecture, control hierarchy, structural partitioning, data structure, software procedure and information hiding are applied in this project to getting it right as per the specification.
4.1.1 Input Design The input Design is the process of converting the user-oriented inputs in to the computer based format. The goal of designing input data is to make the automation as easy and free from errors as possible. Providing a good input design for the application easy data input and selection features are adopted. The input design requirements such as user friendliness, consistent format and interactive dialogue for giving the right message and help for the user at right time are also considered for the development of the project. Input design is a part of overall system design, which requires very careful attention. Often the collection of input data is the most expensive part of the system, which needs to be route through number of modules. It is the point where the user ready to send the data to the destination machine along with known IP address; if the IP address is unknown then it may prone to error.
4.1.2 Output Design A quality output is one, which meets the requirements of the end user and presents the information clearly. In any system results of processing are communicated to the users and to other systems through outputs. It is most important and direct source information to the user. Efficient
Copyright@IDL-2017
IDL - International Digital Library Of Technology & Research Volume 1, Issue 5, May 2017
Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017 and intelligent output improves the systems relationship with source and destination machine. Outputs from computers are required primarily to get same packet that the user has send instead of corrupted packet and spoofed packets. They are also used to provide to permanent copy of these results for later consultation.
4.2 System Architecture:
Implementation phase should perfectly map the design document in a suitable programming language in order to achieve the necessary final and correct product. Often the product contains flaws and gets ruined due to incorrect programming language chosen for implementation. In this project for implementation purpose Java is chosen as the programming language.
RESULTS The following snapshots define the results or outputs that will get in this project after step by step execution of all the modules of the system.
Figure : System Architecture Our proposed work is based on banking application. While a customer wants to open an account in any bank, he has to follow some fundamental rules of each bank. Our application represents easy way of opening an customer account and provide unique account number in short period of time.
IMPLEMENTATION
Figure : New user registration Form To enroll an account in any bank user has to fill an application form by writing on paper or by online providing valid details about him. The above figure shoes our application registration form for new user. When he provides valid details, the registration request send to bank employee for verification of information provided by the new user.
The implementation stage requires the following tasks. • Careful planning. • Investigation of system and constraints. • Design of methods to achieve the changeover. • Evaluation of the changeover method. • Correct decisions regarding selection of the platform • Appropriate selection of the language for application development
IDL - International Digital Library
4|P a g e
Figure : Form for user to view the process done by bank Employee
Copyright@IDL-2017
IDL - International Digital Library Of Technology & Research Volume 1, Issue 5, May 2017
Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017 The advantage of the application is the user can able to view the process happening in the bank related to his bank account opening. The above figure shows the user view of the application.
CONCLUSION We are concluding in our project, we are introducing automated banking where user can fill form online to create account. Once in a day concerned officer will verify the details provided by the user. Once verification is done, the automated system will send E-Pin to the registered user through mail using IBE algorithm which is safe and user will be happy as the account is created and all the credentials are shared on the same day. IBE-Identity based Encryption uses identity as the key for encryption, in our case we can use email-Id as the identity and extra safety measures can be taken by having OTP through registered mobile/mail etc. which will increase the security of the system.
REFERENCES [1] Peng Xu; Tengfei Jiao; Qianhong Wu; Wei Wang; Hai Jin “Conditional Identity-Based Broadcast Proxy Re-Encryption and Its Application to Cloud Email” IEEE Transactions on Computers, Year: 2016. [2] XiaoFang Huang; Qi Tao; BaoDong Qin; ZhiQin Liu “Multi-Authority Attribute Based Encryption Scheme with Revocation” - 24th International Conference on Computer Communication and Networks (ICCCN) Year: 2015. [3] Zi-Yik Cheah; Yik-Shu Lee; Thong-Yun The; Ji-Jian “Simulation of a pairing-based identitybased identification scheme in IOS” IEEE International Conference on computer Applications (ICSIPA) Year: 2015. [4] Fuchun Guo; Willy Susilo; Duncan Wong; Vijay Varadharajan “Optimized Identity-Based Encryption” Transactions on Dependable and Secure Computing year: 2015, Volume: PP, Issue: 99, Year: 2015.
IDL - International Digital Library
5|P a g e
[5] Zheng Yan; Xueyun Li; Mingjun Wang; Athanasios Vasilakos “Flexible Data Access Control based on Trust and Reputation in Cloud Computing” IEEE Transactions on Cloud Computing Year: 2014. [6] Hasan Kadhem; “A novel authentication scheme based on pre-authentication service Security and Cryptography (SECRYPT)”, 2013 International Conference on computer application, Year: 2013 [7] Xiangyang Jiang; Jie Ling; “Simple and effective one-time password authentication scheme Instrumentation and Measurement, Sensor Network and Automation (IMSNA)”, 2nd International Symposium, Year: 2012 [8] Tan, S. Y., Heng, S. H., Goi, B. M., Chin, J. J., Moon, S., "Java Implementation for Identity-Based Identification", International Journal of Cryptology Research, 2009, pp.21-32,1(1). [9] Heng, S. H., Chin, J. J., , "A k-Resilient Identity-Based Identification Scheme in the Standard Model",International Journal of Cryptology Research, 2010, pp.15-25,2(1). [10] Tan, S. Y., Chin, J. J., Heng, S. H. and Goi, B. M., "An Improved Efficient Provable Secure Identity-Based Identification Scheme in the Standard Model", KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, April, 2013, pp.910-922,7(4). [11] Chin, J. J. and Heng, S. H., "Security Upgrade for a k-Resilient Identity-Based Identification Scheme in the Standard Model", Malaysian Journal of Mathematical Sciences, March, 2013,pp.73-85,7(S). [12] Tea, B. C., Ariffin, M. R. K. and Chin, J. J., "An Efficient Identification Scheme in Standard Model Based on the Diophantine Equation Hard Problem", Malaysian Journal of Mathematical Sciences, August, 2013, pp.87-100,7(S). [13] Chin, J. J., Tan, S. Y., Kam, Y. H. S. and Leong, C., "Implementation of Identity-Based and Certificateless Identification Schemes on Android
Copyright@IDL-2017
IDL - International Digital Library Of Technology & Research Volume 1, Issue 5, May 2017
Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017 Platform", Cryptology 2014, 24-26 June, 2014, The
IDL - International Digital Library
6|P a g e
Everly, Putrajaya, Malaysia, 57-64,4.
Copyright@IDL-2017