BANKS SHORT MESSAGE SERVICE THREATS NOTIFICATION SYSTEM ON ANDROID BASED PHONE
Abstract
This research is carried out for the development and implementation of an end-to-end encrypted Short Message Service (SMS) App, utilizing a hybrid cipher algorithm, driven by the notable insecurity observed in SMS communications on mobile devices. SMS is a widely used communication method, and the primary goal of this study is to create a system (App) for end-to-end encrypted SMS. Loss of phones is becoming vulnerable for threats, because we store vital records in android and these records are secret such that no other third party is required to see them, such as Bank SMS, Event Notification etc. Also this information can be compromised if android phone is been lost and found by the criminals. Kidnapping activity is serious case happening in northern part of Nigeria, so if a phone is being lost and discovered how financed he is (the device holder), there is any means of bank account compromisation as that would allow the bank to give some information about the account because of the registered SIM card inserted in android devices (phones). This system is aimed to secure Bank SMS by not allowing an unauthorized person to views the banks SMS, but all other SMS can be view. Whenever the Banks SMS is received by the Android phone, the system will encrypt it and can only be viewed if using correct decryption key, a notification will be sent to the owner other phone if more than two attempt to view the message is made, using a Hybrid Cipher...
References
Abah, J. (2022). Mobile Security: A Review 1. 6(1), 601004.
Abiodun, M. K., Imoize, A. L., Awotunde, J. B., Lee, C.-C., Adeniyi, A. E., Chioma, U., & Li10, C.-T. (2023). Analysis of a Double-stage Encryption Scheme Using Hybrid Cryptography to Enhance Data Security in Cloud Computing Systems. Journal of Library and Information Studies, 21(2), 1–26.
Agwanyanjaba, W. O. (2020). Enhanced Mobile Banking Security: Implementing Transaction Authorization Mechanism Via USSD Push. University of Nairobi.
Ahmad, Z., Ong, T. S., Gan, Y. W., Liew, T. H., & Norhashim, M. (2022). Predictors of Employees’ Mobile Security Practice: An Analysis of Personal and Work-Related Variables. Applied Sciences (Switzerland), 12(9). https://doi.org/10.3390/app12094198 DOI: https://doi.org/10.3390/app12094198
Akande, O. N., Gbenle, O., Abikoye, O. C., Jimoh, R. G., Akande, H. B., Balogun, A. O., & Fatokun, A. (2023). SMSPROTECT: An automatic smishing detection mobile application. ICT Express, 9(2), 168–176. DOI: https://doi.org/10.1016/j.icte.2022.05.009
Al-Janabi, S., Al-Shourbaji, I., Shojafar, M., & Abdelhag, M. (2018). Mobile Cloud Computing: Challenges and Future Research Directions. Proceedings - International Conference on Developments in ESystems Engineering, DeSE, February 2018, 62–67. https://doi.org/10.1109/DeSE.2017.21 DOI: https://doi.org/10.1109/DeSE.2017.21
Almomani, I. M., & Khayer, A. Al. (2020). A Comprehensive Analysis of the Android Permissions System. IEEE Access, 8. https://doi.org/10.1109/ACCESS.2020.3041432 DOI: https://doi.org/10.1109/ACCESS.2020.3041432
Alsaffar, M., Aljaloud, S., Mohammed, B. A., Al-Mekhlafi, Z. G., Almurayziq, T. S., Alshammari, G., & Alshammari, A. (2022). Detection of Web Cross-Site Scripting (XSS) Attacks. Electronics (Switzerland), 11(14), 1–13. https://doi.org/10.3390/electronics11142212 DOI: https://doi.org/10.3390/electronics11142212
Altulaihan, E., & Almaiah, M. A. (2022). Cybersecurity Threats , Countermeasures and Mitigation Techniques on the IoT : Future Research Directions. 1–41. DOI: https://doi.org/10.3390/electronics11203330
Anmulwar, S., Srivastava, S., Mahajan, S. P., Gupta, A. K., & Kumar, V. (2019). Rogue access point detection methods: A review. 2014 International Conference on Information Communication and Embedded Systems, ICICES 2014, July 2018. https://doi.org/10.1109/ICICES.2014.7034106 DOI: https://doi.org/10.1109/ICICES.2014.7034106
Aqel, M. J., Naqshbandi, O. A., Sokiyna, M., & Valentyn, P. (2020). Messaging System Design Based on Using Servers and Encoding System. 14(10), 107–127. DOI: https://doi.org/10.3991/ijim.v14i10.15189
Barth, S., de Jong, M. D. T., Junger, M., Hartel, P. H., & Roppelt, J. C. (2019). Putting the privacy paradox to the test: Online privacy and security behaviors among users with technical knowledge, privacy awareness, and financial resources. Telematics and Informatics, 41(February 2019), 55–69. https://doi.org/10.1016/j.tele.2019.03.003 DOI: https://doi.org/10.1016/j.tele.2019.03.003
Bekkem Sumanth Reddy, M. S. P. H. S. S. K. (2021). IRJET- Android based Secure End to End Encrypted SMS System. Irjet, 8(4), 2982–2988.
Bongard-Blanchy, K., Sterckx, J. L., Rossi, A., Distler, V., Rivas, S., & Koenig, V. (2022). An (Un)Necessary Evil - Users’ (Un)Certainty about Smartphone App Permissions and Implications for Privacy Engineering. Proceedings - 7th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2022, 173–180. https://doi.org/10.1109/EuroSPW55150.2022.00023 DOI: https://doi.org/10.1109/EuroSPW55150.2022.00023
Callanan, C. (2021). User tolerance of privacy abuse on mobile Internet and the country level of development. September 2019. https://doi.org/10.1177/0266666915571171 DOI: https://doi.org/10.1177/0266666915571171
Chin, Amita; Jones, Beth; Little, P. (2021). A Comparative Analysis of Smartphone Security Behaviors and Practices Amita Chin Virginia Commonwealth University , United States Beth Jones Western Carolina University , United States Philip Little. 17(3), 57–80.
Chin, E., Felt, A. P., Sekar, V., & Wagner, D. (2020). Measuring user confidence in smartphone security and privacy. SOUPS 2012 - Proceedings of the 8th Symposium on Usable Privacy and Security, 1. https://doi.org/10.1145/2335356.2335358 DOI: https://doi.org/10.1145/2335356.2335358
Ciaramitaro, B., & Pavlov, V. (2011). Mobile security. In Mobile Technology Consumption: Opportunities and Challenges. https://doi.org/10.4018/978-1-61350-150-4.ch013 DOI: https://doi.org/10.4018/978-1-61350-150-4.ch013
David-West, O., Oni, O., & Ashiru, F. (2022). Diffusion of innovations: Mobile money utility and financial inclusion in Nigeria. Insights from agents and unbanked poor end users. Information Systems Frontiers, 24(6), 1753–1773. DOI: https://doi.org/10.1007/s10796-021-10196-8
Ekwonwune, E. N., & Enyinnaya, V. C. (2020). Design and Implementation of End to End Encrypted Short Message Service (SMS) Using Hybrid Cipher Algorithm. Journal of Software Engineering and Applications, 13(03), 25–40. https://doi.org/10.4236/jsea.2020.133003 DOI: https://doi.org/10.4236/jsea.2020.133003
Elueze, C. N., & Obasi, C. U. (2022). 5G and The Industry: A Case of the Nigerian Financial Technology Sector.
Elvira Cruz, I. (2023). Design of a methodology for the selection of mobile payment technologies in developing countries.
Enyinnaya, V. C., Ekwonwune, E. N., Osuagwu, O. E., Agbakuru, A. O., & Amanze, B. C. (2021). Applications of End-to-End Encrypted Short Message Service ( SMS ) using Hybrid Encryption Algorithm. 12(6), 176–181.
Evans. (2018). Improved financial performance without improved operational efficiency: The case of Nigerian firms. Forum Scientiae Oeconomia, 6, 25.
Ferm, L.-E. C., & Thaichon, P. (2021). Customer pre-participatory social media drivers and their influence on attitudinal loyalty within the retail banking industry: A multi-group analysis utilizing social exchange theory. Journal of Retailing and Consumer Services, 61, 102584. DOI: https://doi.org/10.1016/j.jretconser.2021.102584
Fletcher, B. (2019). Application using ECC algorithm and QR.pdf.
Frik, A., Kim, J., Sanchez, J. R., & Ma, J. (2022). Users ’ Expectations About and Use of Smartphone Privacy and Security Settings. DOI: https://doi.org/10.1145/3491102.3517504
Garba, F. A. (2019). TextFort: An Efficient Hybrid Short Message Service Encryption Scheme for Mobile Devices. Scientific and Practical Cyber Security Journal.
Ghadirli, H. M., Nodehi, A., & Enayatifar, R. (2019). An overview of encryption algorithms in color images. Signal Processing, 164(September 2018), 163–185. https://doi.org/10.1016/j.sigpro.2019.06.010 DOI: https://doi.org/10.1016/j.sigpro.2019.06.010
Grandis, mohamad regiana, & Yunanto, R. (2020). Jurnal Teknik Informatika, Vol. 12, No. 2, April 2020. Jurnal Teknik Informatika, 12(2), 46–51. https://www.researchgate.net/profile/Rio-Yunanto/publication/344596492_Perancangan_Sistem_Informasi_Iuran_Bulanan_Santri_Pada_Pondok_Pesantren_Sukamiskin_Bandung_Berbasis_Mobile_Web/links/5f832989299bf1b53e1e3d5d/Perancangan-Sistem-Informasi-Iuran-Bulanan
Gupta, B. B., & Narayan, S. (2020). A survey on contactless smart cards and payment system: Technologies, policies, attacks and countermeasures. Journal of Global Information Management (JGIM), 28(4), 135–159. DOI: https://doi.org/10.4018/JGIM.2020100108
Hatamian, M., Wairimu, S., Momen, N., & Fritsch, L. (2021). A privacy and security analysis of early-deployed COVID-19 contact tracing Android apps. In Empirical Software Engineering (Vol. 26, Issue 3). Empirical Software Engineering. https://doi.org/10.1007/s10664-020-09934-4 DOI: https://doi.org/10.1007/s10664-020-09934-4
Jameaba, M.-S. (2022). Digitalization, Emerging Technologies, and Financial Stability: Challenges and Opportunities for the Indonesian Banking Industry and Beyond. DOI: https://doi.org/10.32388/CSTTYQ.2
Kalipi, A. (2023). Exploring the awareness of security threats associated with short-message service (sms) and protective measures against sms security threats amongst students at the University of Namibia (UNAM). University of Namibia.
Kim, Y., Oh, T., & Kim, J. (2023). Analyzing User Awareness of Privacy Data Leak in Mobile Applications. Mobile Information Systems. https://doi.org/10.1155/2015/369489 DOI: https://doi.org/10.1155/2015/369489
Krupp, B., Sridhar, N., & Zhao, W. (2017). SPE: Security and Privacy Enhancement Framework for Mobile Devices. IEEE Transactions on Dependable and Secure Computing, 14(4), 433–446. https://doi.org/10.1109/TDSC.2015.2465965 DOI: https://doi.org/10.1109/TDSC.2015.2465965
Lei, Z., Nan, Y., Fratantonio, Y., & Bianchi, A. (2021). On the Insecurity of SMS One-Time Password Messages against Local Attackers in Modern Mobile Devices. February. https://doi.org/10.14722/ndss.2021.24212 DOI: https://doi.org/10.14722/ndss.2021.24212
Liu, E., Rao, S., Havron, S., Ho, G., Savage, S., Voelker, G. M., & McCoy, D. (2023). No Privacy Among Spies: Assessing the Functionality and Insecurity of Consumer Android Spyware Apps. Proceedings on Privacy Enhancing Technologies, 2023(1), 207–224. https://doi.org/10.56553/popets-2023-0013 DOI: https://doi.org/10.56553/popets-2023-0013
Logunleko, A. M., Logunleko, K. B., Lawal, O. O., Ezugwu, O. O. D., & Akinyemi, O. S. (2021). A Secured Mobile Money Transaction Using Data Masking and Enhanced Base64 Algorithm. Int. J. Recent Contributions Eng. Sci. IT, 9(1), 17–32. DOI: https://doi.org/10.3991/ijes.v9i1.17803
Ma, S., & Chen, C. (2023). Are digital natives overconfident in their privacy literacy? Discrepancy between self-assessed and actual privacy literacy, and their impacts on privacy protection behavior. Frontiers in Psychology, 14(June 2022), 1–11. https://doi.org/10.3389/fpsyg.2023.1224168 DOI: https://doi.org/10.3389/fpsyg.2023.1224168
Mabruri, A. S. (2020). Data Security System of Text Messaging Based on Android Mobile Devices Using Advanced Encrytion Standard Dynamic. October 2000, 39–46.
Menard, P., & Bott, G. J. (2020). Analyzing IOT users’ mobile device privacy concerns: Extracting privacy permissions using a disclosure experiment. Computers and Security, 95, 101856. https://doi.org/10.1016/j.cose.2020.101856 DOI: https://doi.org/10.1016/j.cose.2020.101856
Mousavi, S. K., Ghaffari, A., Besharat, S., & Afshari, H. (2021). Security of internet of things based on cryptographic algorithms: a survey. Wireless Networks, 27, 1515–1555. DOI: https://doi.org/10.1007/s11276-020-02535-5
Noviandy, T. R., Idroes, G. M., Maulana, A., Hardi, I., Ringga, E. S., & Idroes, R. (2023). Credit Card Fraud Detection for Contemporary Financial Management Using XGBoost-Driven Machine Learning and Data Augmentation Techniques. Indatu Journal of Management and Accounting, 1(1), 29–35. DOI: https://doi.org/10.60084/ijma.v1i1.78
Omolara, A. E., Jantan, A., Abiodun, O. I., Dada, K. V., Arshad, H., & Emmanuel, E. (2019). A deception model robust to eavesdropping over communication for social network systems. IEEE Access, 7, 100881–100898. DOI: https://doi.org/10.1109/ACCESS.2019.2928359
Onuwabhagbe OGBEIDE, V., OMOROGIUWA, O., & Eturpa SALAMI, E. (2023). an Empirical Survey To Substantiate the Need for a Cyber Security Framework for Smes in Nigeria. International Journal of Research Publications, 128(1), 9–24. https://doi.org/10.47119/ijrp1001281720235221 DOI: https://doi.org/10.47119/IJRP1001281720235221
Otor, S. U., Akumba, B. O., Idikwu, J. S., & Achika, I. P. (2020). An Improved Security Model for Nigerian Unstructured Supplementary Services Data Mobile Banking Platform. International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 6(3), 974–987. DOI: https://doi.org/10.32628/CSEIT2063213
Pazarbasioglu, C., Mora, A. G., Uttamchandani, M., Natarajan, H., Feyen, E., & Saal, M. (2020). Digital financial services. World Bank, 54.
Prince, C., Omrani, N., Maalaoui, A., Dabic, M., & Kraus, S. (2023). Are We Living in Surveillance Societies and Is Privacy an Illusion? An Empirical Study on Privacy Literacy and Privacy Concerns. IEEE Transactions on Engineering Management, 70, 3553–3570. https://doi.org/10.1109/TEM.2021.3092702 DOI: https://doi.org/10.1109/TEM.2021.3092702
Priya, D., Reddi, T., Reddy, M. S. T., Khan, M. K., & others. (2023). A Comprehensive Examination of Email Spoofing: Issues and Prospects for Email Security. Computers & Security, 103600. DOI: https://doi.org/10.1016/j.cose.2023.103600
Radhi, S. M., & Ogla, R. (2023). In-Depth Assessment of Cryptographic Algorithms Namely DES, 3DES, AES, RSA, and Blowfish. Iraqi Journal of Computers, Communications, Control and Systems Engineering, 23(3), 125–138. DOI: https://doi.org/10.33103/uot.ijccce.23.3.11
Raharja, I. M. S., & Ashari, A. (2021). Enhancing Security System of Short Message Service for Banking Transaction. International Journal of Computing, 20(1), 31–38. https://doi.org/10.47839/ijc.20.1.2089 DOI: https://doi.org/10.47839/ijc.20.1.2089
Rahim Soomro, T., & Irshad, S. (2018). Identity Theft and Social Media. IJCSNS International Journal of Computer Science and Network Security, 18(1), 43. https://www.researchgate.net/publication/323185128
Reese, K., Smith, T., Dutson, J., Armknecht, J., Cameron, J., & Seamons, K. (2019). A usability study of five two-factor authentication methods. Proceedings of the 15th Symposium on Usable Privacy and Security, SOUPS 2019, 357–370.
Rihan, S. D., Khalid, A., Eldin, S., & Osman, F. (2019). A Performance Comparison of Encryption Algorithms AES and DES. International Journal of Engineering Research & Technology (IJERT), 4(12), 151–154. www.ijert.org
Sagheer, A. M., Abdulhameed, A. A., & Abduljabbar, M. A. (2019). SMS security for smartphone. Proceedings - 2013 6th International Conference on Developments in ESystems Engineering, DeSE 2013, February 2015, 281–285. https://doi.org/10.1109/DeSE.2013.57 DOI: https://doi.org/10.1109/DeSE.2013.57
Salim, A., Sagheer, A. M., & Yaseen, L. (2019). Design and Implementation of a Secure Mobile Banking System Based on Elliptic Curve Integrated Encryption Schema. International Conference on Applied Computing to Support Industry: Innovation and Technology, 424–438. DOI: https://doi.org/10.1007/978-3-030-38752-5_33
Sandhu, S., & Arora, S. (2022). Customers’ usage behaviour of e-banking services: Interplay of electronic banking and traditional banking. International Journal of Finance & Economics, 27(2), 2169–2181. DOI: https://doi.org/10.1002/ijfe.2266
Sari, M., Purnomo, H. D., & Sembiring, I. (2022). Review : Algoritma Kriptografi Sistem Keamanan SMS di Android. Journal of Information Technology, 2(1), 11–15. https://doi.org/10.46229/jifotech.v2i1.292 DOI: https://doi.org/10.46229/jifotech.v2i1.292
Scholar, M. T., & RGMCET, N. (2023). Easy and Secure Smart SMS Protocol on M-Health Environment in Mobile Computing.
Shen, B., Wei, L., Xiang, C., Wu, Y., Shen, M., Zhou, Y., & Jin, X. (2021). Can systems explain permissions better? Understanding users’ misperceptions under smartphone runtime permission model. Proceedings of the 30th USENIX Security Symposium, 751–768.
Shuba, A., Bakopoulou, E., & Markopoulou, A. (2018). Privacy Leak Classification on Mobile Devices. IEEE Workshop on Signal Processing Advances in Wireless Communications, SPAWC, 2018-June(i). https://doi.org/10.1109/SPAWC.2018.8445948 DOI: https://doi.org/10.1109/SPAWC.2018.8445948
Sitkowski, M., & Simulation, D. (2018). Securely Encrypting Data At Rest. February.
Souppaya, M., & Scarfone, K. (2023). Guidelines for Managing the Security of Mobile Devices in the Enterprise. NIST Special Publication 800-124, Revision 1, 1–30. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-124r1.pdf%5Cnpapers3://publication/doi/10.6028/NIST.SP.800-124r1
Stirparo, P. (2015). MobiLeak : security and privacy of personal data in mobile applications.
Thabit, F., Can, O., Wani, R. U. Z., Qasem, M. A., Thorat, S. B., & Alkhzaimi, H. A. (2023). Data security techniques in cloud computing based on machine learning algorithms and cryptographic algorithms: Lightweight algorithms and genetics algorithms. Concurrency and Computation: Practice and Experience, e7691. DOI: https://doi.org/10.1002/cpe.7691
Ullah, I., Boreli, R., & Kanhere, S. S. (2023). Privacy in targeted advertising on mobile devices : a survey. International Journal of Information Security, 22(3), 647–678. https://doi.org/10.1007/s10207-022-00655-x DOI: https://doi.org/10.1007/s10207-022-00655-x
Vasilomanolakis, E., Daubert, J., Luthra, M., Gazis, V., Wiesmaier, A., & Kikiras, P. (2016). On the Security and Privacy of Internet of Things Architectures and Systems. Proceedings - 2015 International Workshop on Secure Internet of Things, SIoT 2015, 49–57. https://doi.org/10.1109/SIOT.2015.9 DOI: https://doi.org/10.1109/SIOT.2015.9
Visconti, A. (2018). The Dangers of Rooting : Data Leakage Detection in. 2018. DOI: https://doi.org/10.1155/2018/6020461
Vishnuvardhan, B., Manjula, B., & Lakshman Naik, R. (2020). A study of digital banking: Security issues and challenges. Proceedings of the Third International Conference on Computational Intelligence and Informatics: ICCII 2018, 163–185. DOI: https://doi.org/10.1007/978-981-15-1480-7_14
Wang, C., Wang, Y., Chen, Y., Liu, H., & Liu, J. (2020). User authentication on mobile devices: Approaches, threats and trends. Computer Networks, 170, 107118. https://doi.org/10.1016/j.comnet.2020.107118 DOI: https://doi.org/10.1016/j.comnet.2020.107118
Yadav, C. S., Singh, J., Yadav, A., Pattanayak, H. S., Kumar, R., Khan, A. A., Haq, M. A., Alhussen, A., & Alharby, S. (2022). Malware Analysis in IoT & Android Systems with Defensive Mechanism. Electronics (Switzerland), 11(15), 1–20. https://doi.org/10.3390/electronics11152354 DOI: https://doi.org/10.3390/electronics11152354
Yusuf, M., Gimba, U. A., Bello, A. U., Adamu, A. H., Salisu, S., State, J., & Science, C. (2019). Two Way Authentication for Android Mobile Phones. 5(1), 179–186.
Copyright (c) 2024 FUDMA JOURNAL OF SCIENCES
This work is licensed under a Creative Commons Attribution 4.0 International License.
FUDMA Journal of Sciences
