Abstract

The rise of the digital economy and the comfort of accessing by way of user mobile devices expedite human endeavors in financial transactions over the Virtual Private Network (VPN) backbone. This prominent application of VPN evades the hurdles involved in physical money exchange. The VPN acts as a gateway for the authorized user in accessing the banking server to provide mutual authentication between the user and the server. The security in the cloud authentication server remains vulnerable to the results of threat in JP Morgan Data breach in 2014, Capital One Data Breach in 2019, and many more cloud server attacks over and over again. These attacks necessitate the demand for a strong framework for authentication to secure from any class of threat. This research paper, propose a framework with a base of Elliptical Curve Cryptography (ECC) to perform secure financial transactions through Virtual Private Network (VPN) by implementing strong Multi-Factor Authentication (MFA) using authentication credentials and biometric identity. The research results prove that the proposed model is to be an ideal scheme for real-time implementation. The security analysis reports that the proposed model exhibits high level of security with a minimal response time of 12 s on an average of 1000 users.

Highlights

  • Virtual Private Network (VPN) is an emerging technology that turns out to be vital amongIT professions, research persons, and the common public in terms of employing the data resources through the cloud server

  • In this modern digital era, the common public utilizes the cloud resources [1] in the form of online financial transactions and as per the survey by Pew report and American Life project, 51% of users stated that they utilize cloud computing due to its easiness and convenience in accessing the resources

  • Garg et al [10] proposed and evaluated a mobile phone-based authentication with a session key agreement approach that provides strong authentication services to SOCKS V5 protocol. This proposed protocol is applicable for mobile devices and employs International Mobile Subscriber Identity (IMSI) number to provide an individual’s unique identification

Read more

Summary

Introduction

Virtual Private Network (VPN) is an emerging technology that turns out to be vital among. IT professions, research persons, and the common public in terms of employing the data resources through the cloud server In this modern digital era, the common public utilizes the cloud resources [1] in the form of online financial transactions and as per the survey by Pew report and American Life project, 51% of users stated that they utilize cloud computing due to its easiness and convenience in accessing the resources. The digital financial transactions [2] are executed by accessing the banking server through a third-party cloud service provider, which provides access by consigning session key on prosperous verification of authentication credentials. The feeble authentication paves a path to the breach of communication channel security and the integrity of the transmitted data was compromised The severity of this concern is the motivation for this research work, and its benefaction to resolving this issue is spotlighted as follows. (iv) The motive for the preference of voice recognition over different biometrics was these metrics follow image recognition system which can be duplicated whereas the voice recognition has the least possibility of duplication and most recent mobile devices embeds voice sensors for the authentication process

Organization of This Research Work
Recent Research Results
Preliminaries of Proposed Scheme
Algorithm for User Verification
Algorithm for Session Key Generation
Algorithm for Shielded Transaction Phase
Security Analysis
System Evaluation
Conclusion

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.