Towards end-to-end security in branchless banking

Saurabh Panjwani
2011 Proceedings of the 12th Workshop on Mobile Computing Systems and Applications - HotMobile '11  
Mobile-based branchless banking has become one of the key mechanisms for extending financial services to low-income populations in the world's developing regions. One shortcoming of today's branchless banking systems is that they rely largely on network-layer services for securing transactions and do not implement any application-layer security. Recent results show that several of these systems are, in fact, not end-to-end secure. In this paper, we make the case for designing mobile-based
more » ... less banking systems which build security into the application layer and guarantee end-to-end security to system users. We present a threat model which captures the goals of authenticated transactions in these systems and then provide recommendations for solution design based on our model's requirements.
doi:10.1145/2184489.2184496 dblp:conf/wmcsa/Panjwani11 fatcat:53jylvdigvhzlbf42t56knhbdm