Finding Lost Debit Card Security Based Application
- Code Shoppy
- Jun 22, 2020
- 3 min read
Authentication require two or more factors: “something only the user knows”, “something only the user has” and “something only the user is”. The factors must be validated by the other party for validation to occur. In debit cards authentication mechanisms which can be easily cracked using different mechanisms. According to US attorney report at least 7,000 fake identities are used to obtain more than 25,000 credit cards and documented $200 million in losses, but the figure could rise. The present authentication mechanisms use mechanism where we enter our PIN in pos (point of sale) devices where it is vulnerable in case if we have any skimmer devices installed in any one of the component. Sometimes we have to enter OTP (one time password) in card reader, but it’s vulnerable in case of lost or theft of both mobile and card together. In proposed method, GSM mobile service is used provide the security. Lost Debit Card ATM Card Management System When the Debit card is used, Server will request user to enter a password in his/her mobile phone. If the password valid, Server precedes the transaction, if not so, denies it. The proposed solution effectively prevents clone cards and relay attacks on Debit cards using mobile phone authentication through the flash message service. The proposed solution effectively prevents clone cards and relay attacks on Debit cards using mobile phone authentication through the flash message service. This methodology can be implemented with the current system.
Objectives
This web application will provide the ATM CARD for Customer. Customer can register and select the lost and stolen debit card, credit cards get sms from another customer give. Customer can view the alert sms immediately. Admin can manage the whole process.
Existing Solution:
For some debit cards, we do not have any security mechanisms; we just swipe those cards and make the transaction. This system is highly vulnerable for all attacks, now a days security is added to these cards that we have to enter the PIN in card reader, but its vulnerable to relay attack which makes duplicate transactions and may leads the cards to be skimmed when they are swiped on malicious, For few other cards, we have to enter OTP in card reader, but it’s vulnerable in case of lost or theft of both mobile and card together.
Proposed Solution:
In proposed method, flash message mobile service is used provide the security. When the Debit card is swiped at terminal, the transaction information send to visa server through acquirer bank and with an authentication normal procedures. Visa server will request user to enter a password in his/her mobile phone through the mobile network. If the password is valid, Server proceed the transaction towards the card holder bank and checks availability of required amount then flow of the transaction is as usual, if the password is not valid, server denies the transaction and lets the merchant and user to know that the transaction is denied. So this method can resolve three drawbacks in existing system first case if a card is cloned and swiped at some terminal, anyway the request for password to original owner of the card, he/she can know this transaction is not done by them and they can decline the transaction.
Second case, if relay attack happens in a transaction, the user will be requested for password to perform a parallel transaction also, so he/she can avoid duplicate transaction. In third case, if the mobile phone and card are lost together, no one can make any transaction because the password is not known to anyone other than original user.
Comments