Security enhancement of internet banking applications by using multimodal biometrics

Abstract

The internet banking applications have become more and more complex and almost each bank has got its own service. The login and signature security vary from user/static password authentication method (that is one of the weakest way to manage one's accounts) to certificates and tokens. Also, biometrics is increasingly used in many parts of our lives, from biometric passport, airport authentication and control access. It is easier and safer to login to internet banking with something you have or are (fingerprint, face, iris etc.) than with something you remember (and that can be stolen by malicious software or people). Also, signing an order will be more secure by using a fingerprint than a code generated by a token. A combination of these two authentication methods will lead to a visible security enhancement, too. The fingerprint can be used for two purposes: to open a token device and/or login to the internet banking application or sign an order. This article will introduce some concepts about these two fields: internet banking and biometrics. It will also present a securing internet banking operations model by using biometrics. During our researches, we developed a Java application to simulate access to an internet banking web-page. This application will be briefly presented at the end of the paper.