Improving the Effectiveness of the Dissemination Method in Disaster Early Warning Messages

The dissemination of disaster early warning messages has a significant role in the effectiveness and serviceability in an Early Warning System (EWS). Providing the community in a disaster area with an adequate dissemination and communication of early warning messages will improve people's awareness and reaction to a natural hazard. People who live in a disaster area play a crucial role in the success of EWS. Malaysian, Sri Lankan, Bangladeshi and Indonesian authorities employ mobile phone applications, such as text messages (SMS), as a tool for disaster warning messages. However, there are many challenges in methods for disseminating early warning messages. One of the challenges is the dissemination method in which only notification messages are sent. In this paper, we propose confirmation or verification messages, as part of disaster early warning messages, by using text messages. Confirmation messages are messages that use a verification channel to provide up-to- date official information about the latest natural disaster conditions. Keywords: disaster management, early warning messages dissemination, SM

Usability design of Short Message Service (SMS) mobile phone banking

The financial services sector is investing considerable sums of money into mobile banking services, but the uptake by customers has been low. The cost to benefit ratio of mobile banking is highly unsatisfactory when the costs of developing and managing the channel are considered. Many of the advantages of Internet banking are shared by mobile banking e.g. control and time saving. Mobile banking also offers higher convenience with the ability to carry out banking whenever and wherever you are. It is hoped that mobile banking can be as successful as Internet banking. A major factor in the low adoption of mobile banking is usability, and there is a need for research on the issues surrounding mobile banking as so far little has been conducted. This thesis seeks to investigate the usability issues surrounding Short Message Service (SMS) banking. It identifies three general functions of SMS in electronic banking: transactions, communication/CRM and security. Three empirical usability evaluations are presented that explored customers’ perceptions and attitudes of using these functions of SMS banking. The research presented here provides empirical evidence for the thesis that usability is a significant factor in the low customer adoption of SMS banking. It also shows that related to usability issues are customer concerns over the security of SMS as a banking channel. Older users will find SMS banking less usable than younger users and are more ambivalent regarding SMS in general. It recommends the most usable message input format to use in SMS banking and contributes insights on how best to realise the practical application of SMS banking and services. The findings from these studies will help improve usability in mobile banking services

Security Analysis of Multi-Factor Authentication Security Protocols

Multi-Factor Authentication (MFA) is being increasingly adopted by on- line services in order to achieve an adequate level of security. MFA is based on security protocols, called MFA protocols, that integrate the use of credentials with additional identity proofs, called authentication factors (based on knowledge, possession or inherence). The authentication factors are provided through specific objects, called authenticators (e.g., hardware token). To date, MFA has been widely adopted in the most diverse security-critical application scenarios (e.g., online banking, eHealth). Various solutions have been proposed, leveraging MFA protocols which employ different kinds of authenticators and providing different user experience. When considering various MFA protocols, few questions may arise. How do MFA protocols differ in terms of (i) level of protection, (ii) compliance w.r.t. current regulations and (iii) complexity for the user? To answer the question concerning the level of protection, traditional verification techniques for security protocols require a formal specification of the protocol under analysis. However, as a matter of fact, several service providers employ ad-hoc MFA protocols and do not disclose their internals. In addition, classical attacker models, such as the Dolev-Yao adversary, hardly apply. Hence, new protocol modeling techniques and new attacker models should be investigated. Concerning regulations, public and private authorities have introduced directives and guidelines for the design of MFA protocols (e.g., recommendations for online payment services from the European Banking Authority, and the guidelines from NIST about the digital identity management through MFA). In principle, these initiatives aim to guide the design of more secure and usable MFA protocols, but there is no evidence that the existing MFA protocols actually comply with the aforementioned regulations. Thus, a novel methodology is needed to provide such an evidence. The ease-of-use is a relevant aspect to be considered in the analysis of an MFA protocol. Indeed, the use of multiple authenticators in the execution of an MFA protocol can negatively affect user experience, which can have an impact on its security as well. However, none of the research works managed to measure the usability of a conspicuous number of MFA protocols design. Hence, a methodology for evaluating the ease-of-use of an MFA protocol should be identified. In this work, we propose a framework to analyze MFA protocols, which does not rely on the implementation details, being able to assess the (i) level of protection, (ii) compliance w.r.t. current regulations and (iii) complexity for the user. To this aim, we define a specification language which is compatible with the typical (amount of) information publicly released by service providers on the employed MFA protocols. For what concerns the security analysis, we propose an evaluation of MFA protocols in terms of resistance against a set of attacker models, tailored for the specific case of MFA protocols. For what concerns the regulatory aspects and best practices, we include the possibility to evaluate a protocol in terms of compliance with a customizable set of requirements and best practices. Furthermore, for what concerns the ease-of-use of an MFA protocol, we propose a new metric, called complexity, for evaluating a protocol in terms of efforts that an user is required to perform during its execution. The aforementioned framework has been then implemented in a working tool, MuFASA, allowing (even non-expert) users to model an MFA protocol and to automatically analyze it. Finally, the presented framework has been applied on some selected use cases. First, it has been employed in the early stages of the design of a novel MFA protocol, integrated into the Citizens\u2019 Clinical Record platform developed in the Trentino region (Italy). Then, it has been used for performing a latitudinary study on online banking services, allowing us to model and analyze more than 150 MFA protocols employed by banks all over the world

Exploring Consumer Adoption of Mobile Payments - A Qualitative Study

This paper examines consumer adoption of a new electronic payment service, mobile payments. The empirical data for the explorative study was collected by establishing six focus group sessions. The results suggest that the relative advantages of mobile payments include time and place independence, availability, possibilities for remote purchases, and queue avoidance. The interviewees found mobile payments to be mostly compatible with digital content and service purchases and to complement small value cash payments. Interestingly, the findings suggest that the relative advantages of mobile payments depend on certain situational factors such as lack of other payment methods or urgency. There are, however, several barriers to the adoption of mobile payments, including premium pricing of the payments, complexity of payment procedures, a lack of widespread merchant acceptance, and perceived risks

An Analysis of Computer Systems for the Secure Creation and Verification of User Instructions

The ongoing digitisation of previously analogue systems through the Fourth Industrial Revolution transforms modern societies. Almost every citizen and businesses operating in most parts of the economy are increasingly dependent on the ability of computer systems to accurately execute people's command. This requires efficient data processing capabilities and effective data input methods that can accurately capture and process instructions given by a user. This thesis is concerned with the analysis of state-of-the-art technologies for reliable data input through three case studies. In the first case study, we analyse the UI of Windows 10 and macOS 10.14 for their ability to capture accurate input from users intending to erase data. We find several shortcomings in how both OS support users in identifying and selecting operations that match their intentions and propose several improvements. The second study investigates the use of transaction authentication technology in online banking to preserve the integrity of transaction data in the presence of financial malware. We find a complex interplay of personal and sociotechnical factors that affect whether people successfully secure their transactions, derive representative personas, and propose a novel transaction authentication mechanism that ameliorates some of these factors. In the third study, we analyse the Security Code AutoFill feature in iOS and macOS and its interactions with security processes of remote servers that require users to handle security codes delivered via SMS. We find novel security risks arising from this feature's design and propose amendments, some of which were implemented by Apple. From these case studies, we derive general insights on latent failure as causes for human error that extend the Swiss Cheese model of human error to non-work environments. These findings consequently extend the Human Factors Analysis and Classification System and can be applied to human error incident investigations

Role of Information Communication Technology (ICT) in Nepalese Banking Industry

Public and private sectors, organization has been keen to harness the potential of ICT to enhance its administrative, managerial and clinical performance. Successful implementation of the new technology depended upon acceptance by organizational member targets as its end-users. The experiment is done by the help of both primary and secondary data. Primary data have been collected from the structured questionnaire developed for the employee of the bank and the customers. Secondary data have been collected from the website of Nepal Rasta Bank, ICT related journals, banking articles and other published sources. The study purpose is to gain a more complete understanding of the change management factors affecting the acceptance of the. The present study was aimed to explore the prevailing status of the use of ICT in commercial banking services, assess the extent of perceived benefits of the use of ICT and analyze the key problems and their corrective measures so as to leverage the use of ICT in commercial banking in the country. The study found explores the banking sector using the information and technology. The study helps to provide the information about the corns and pros of using information and communication technology in the present context of Nepalese banking sector

Secure contactless mobile financial services with near field communication

Masters of ScienceThis thesis presents the results from work with three prototypes that use Near Field Communication technology to provide secure contactless mobile nancial services on mobile phones.South Afric

On privacy calculus and underlying consumer concerns influencing mobile banking subscriptions

The advancement of technology in mobile devices places South African (SA) banking institutions in unique positions to leverage these advancements into innovative value added services. Mobile banking is one such innovation that has afforded banking clients the ability to, amongst other services, view bank statements, pay bills, and transfer money. Despite a growing trend in mobile banking service offerings by SA banks, privacy and security issues are still considered a concern. The paper conceptualizes the underlying concerns by bank clients regarding the adoption of mobile banking services. Privacy Calculus Theory (PCT) has been used as a theoretical lens to explain the cognitive process involved when a potential mobile banking subscriber is presented with mobile banking technology solutions. The paper extends PCT by abstracting the risk/benefit trade-off psyche held by SA bank clients. The paper attempts to explain, using PCT, the bank clients’ cognitive process and willingness to subscribe to mobile banking services. Quantitative research method has been used for this purpose. Purposeful sampling that targeted SA bank-account holders was applied. Empirical results show that the South African banked consumers’ psyche is largely influenced by the utility of a technology (mobile banking service) and interestingly, privacy and security play a lesser role in this trade-off

Mobile services in banking sector: The role of innovative business solutions in generating competitive advantage

The wide-ranging economic developments of the previous decade, e.g. the integration of world economies, have made a significant impact towards increasing the mobility of the working populace and their families. At the same time, technological developments especially in the field of telecommunication have made it possible to offer innovative, location sensitive services on ubiquitous basis to customers on the move. Our paper examines innovative mobile solutions in the field of mobile financial services (MFS) by using four case studies from Germany and Switzerland - representing two banks and two different technology solutions. The paper scrutinizes the strategic relevance of MFS to the competitive position of the firm concerned. Finally, we present five propositions about the role of innovative business solutions in the banking sectors and recommend that a large scale empirical study to test these propositions be conducted in the future. --Mobile Banking,Mobile Commerce,Mobile Financial Services,Multi-channel strategy,Innovation in banking sector