Development of Security Service for Mobile Internet Banking Using Personal Digital Assistants

The fusion of Internet technology and applications with wireless communication provides a new business model and promises to extend the possibilities of commerce to what is popularly called mobile commerce, or m-commerce. In mobile Internet banking service through wireless local area network, security is a most important factor to consider. We describe the development of security service for mobile Internet banking on Personal Digital Assistants (PDAs). Banking Server and Authentication Server were developed to simulate banking business and to support certificate management of authorized clients, respectively. To increase security, we took hybrid approach in implementation: symmetric block encryption and public-key encryption. Hash function and random number generation were exploited to generate a secret key. The data regarding banking service were encrypted with symmetric block encryption, RC4, and the random number sequence was done with public-key encryption. PDAs communicate through IEEE 802.IIb wireless LAN (Local Area Network) to access banking service. Several banking services and graphic user interfaces, which emulatedthe services of real bank, were developed to verity the working of each security service in PDA, the Banking Server, and the Authentication Server.