An Advanced Knowledge Based Graphical Authentication Framework with Guaranteed Confidentiality and Integrity

The information and security systems largely rely on passwords,which remain the fundamental part of any authentication process. The conventional authentication method based on alphanumerical username and password suffer from significant disadvantages. The graphical password-based authentication system has recently been introduced as an effective alternative. Although the graphical schemes effectively generate the passwords with better flexibility and enhanced security, the most common problem with this is the shoulder surfing attack. This paper proposes an effective 3D graphical password authentication system to overcome such drawbacks. The system is based on the selection of click points for generating passwords. The proposed work involved a training phase for evaluating the model in terms of the success rate. The overall evaluations of the model in terms of password entropy, password space, login success rates, and prediction probability in the shoulder surfing and guessing attacks proved that the model is more confidential and maintains a higher range of integrity than the other existing models

Security challenges and solutions for e-business

The advantages of economic growth and increasing ease of operation afforded by e-business and e-commerce developments are unfortunately matched by growth in cyber attacks. This paper outlines the common attacks faced by e-business and describes the defenses that can be used against them. It also reviews the development of newer security defense methods. These are: (1) biometrics for authentication; parallel processing to increase power and speed of defenses; (2) data mining and machine learning to identify attacks; (3) peer-to-peer security using blockchains; 4) enterprise security modelling and security as a service; and (5) user education and engagement. The review finds overall that one of the most prevalent dangers is social engineering in the form of phishing attacks. Recommended counteractions include education and training, and the development of new machine learning and data sharing approaches so that attacks can be quickly discovered and mitigated

Financial Technology dalam Industri Finansial: Survey Paper

Pada makalah ini akan menjelaskan kegunaan serta pengertian dan kegunaan mengenai financial technology dalam industri keuangan. Dalam bidang keuangan banyak yang menggunakannya sebagai inovasi. Fintech merupakan sebuah istilah baru terhadap sebuah teknologi maju yang memanfaatkan internet. Financial Technology juga mampu membantu layanan untuk mengelola keuangan dengan memanfaatkan digital berupa data besar, rantai blok dan investasi dalam bidang keuangan. Dalam studi ini menyimpulkan bahwa dalam penerapan Financial Technology terdapat teknology yang dapat membantu dalam pelayanan untuk algoritmanya menggunakan Artifical intelligence (AI), mengetahui perilaku pelangkan menggunakan Big Data dan Blockchain untuk menghubungkan jaringan yang ikut untuk membantu pelayanan

Computational Methods for Medical and Cyber Security

Over the past decade, computational methods, including machine learning (ML) and deep learning (DL), have been exponentially growing in their development of solutions in various domains, especially medicine, cybersecurity, finance, and education. While these applications of machine learning algorithms have been proven beneficial in various fields, many shortcomings have also been highlighted, such as the lack of benchmark datasets, the inability to learn from small datasets, the cost of architecture, adversarial attacks, and imbalanced datasets. On the other hand, new and emerging algorithms, such as deep learning, one-shot learning, continuous learning, and generative adversarial networks, have successfully solved various tasks in these fields. Therefore, applying these new methods to life-critical missions is crucial, as is measuring these less-traditional algorithms' success when used in these fields

Show Me the (Data About the) Money!

Information about consumers, their money, and what they do with it is the lifeblood of the flourishing financial technology (“FinTech”) sector. Historically, highly regulated banks jealously protected this data. However, consumers themselves now share their data with businesses more than ever before. These businesses monetize and use the data for countless prospects, often without the consumers’ actual consent. Understanding the dimensions of this recent phenomenon, more and more consumer groups, scholars, and lawmakers have started advocating for consumers to have the ability to control their data as a modern imperative. This ability is tightly linked to the concept of open banking—an initiative that allows consumers to control and share their banking data with service providers as they see fit. But in the U.S., banks have threatened to block the servers of tech companies and data aggregators—business entities that serve as the middlemen connecting FinTech companies and banks, enabling consumers to get more financial services—from accessing their customers’ data even if the customers agree to it. With no regulation or accepted standards for the ethical gathering and use of data, banks argue that limiting access helps them protect their clients’ privacy, improve their accounts’ safety, and promote consumer protection principles. Banks claim that FinTech apps collect more data than needed, store it insecurely, and sell it to others. But the motivation of the big banks in advocating for such limitations may not be so pure. Banks do not want to relinquish competitive advantages, lose customers, or be held liable for data or fund losses. Witnessing resistance, tech companies are not sitting idly by waiting for banks to limit their data access. Instead, they are working on ways to outsmart banks’ blocking technology and use data aggregation services as a middleman. They also extended the fight into Washington, where regulators such as the Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB) are noticing how technology impacts consumer data flows and credit reporting issues. Advocating for consumers’ rights to control data, tech companies lobby for open banking

International Conference on Computer Science and Communication Engineering

UBT Annual International Conference is the 8th international interdisciplinary peer reviewed conference which publishes works of the scientists as well as practitioners in the area where UBT is active in Education, Research and Development. The UBT aims to implement an integrated strategy to establish itself as an internationally competitive, research-intensive university, committed to the transfer of knowledge and the provision of a world-class education to the most talented students from all background. The main perspective of the conference is to connect the scientists and practitioners from different disciplines in the same place and make them be aware of the recent advancements in different research fields, and provide them with a unique forum to share their experiences. It is also the place to support the new academic staff for doing research and publish their work in international standard level. This conference consists of sub conferences in different fields like: – Computer Science and Communication Engineering– Management, Business and Economics– Mechatronics, System Engineering and Robotics– Energy Efficiency Engineering– Information Systems and Security– Architecture – Spatial Planning– Civil Engineering , Infrastructure and Environment– Law– Political Science– Journalism , Media and Communication– Food Science and Technology– Pharmaceutical and Natural Sciences– Design– Psychology– Education and Development– Fashion– Music– Art and Digital Media– Dentistry– Applied Medicine– Nursing This conference is the major scientific event of the UBT. It is organizing annually and always in cooperation with the partner universities from the region and Europe. We have to thank all Authors, partners, sponsors and also the conference organizing team making this event a real international scientific event. Edmond Hajrizi, President of UBTUBT – Higher Education Institutio

Big Data Security (Volume 3)

After a short description of the key concepts of big data the book explores on the secrecy and security threats posed especially by cloud based data storage. It delivers conceptual frameworks and models along with case studies of recent technology

The impact of financial technology and risk management practices on corporate financial system profitability: evidence from Kuwait

A vital element of the stability of banking institutions is the presence of an effective risk management system, as well as the financial stability of the corporate sector of the economy in terms of the fulfilment of assumed credit obligations. This study investigates the relationship between financial technology (Fintech) adoption, risk management practices and corporate profitability in Kuwait. The object of the study was 62 industrial enterprises registered on the stock market of Kuwait as of 2022. Methods of descriptive statistics, least squares method for estimating regression model parameters, and correlation analysis served as methodological tools of this study. This study aims to overcome the gaps in theoretical justification and empirically prove the existence of a relationship between the implementation of financial technologies and risk management methods. The results showed a positive correlation between the development of financial technologies and return on assets (correlation coefficient 0.6540), which indicates that implementing innovative financial technologies will contribute to improving the efficiency of banking institutions. The strong and positive correlation between the effectiveness of risk management and the profitability of business entities emphasizes the importance of responsible risk management practices for increasing banking institutions’ profitability. Based on the results of building a regression model, it was established that fintech has a significant impact on indicators of the return on equity of economic entities (р<0.050, t = 1.7700). The originality of this study lies in its focus on Kuwait and the Middle East as a whole and in its exploration of the relationship between corporate financial system profitability, risk management strategies and Fintech adoption. The use of innovative technologies (advanced analytics, artificial intelligence and blockchain) increases the effectiveness of risk management, which contributes to rational decision-making and a better understanding of the banking institution’s potential risks and development opportunities. This study contributes significantly to the existing literature by highlighting the relationships between financial technology innovation adoption, risk management and business financial performance in a market environment in the Middle East

Development of a secure multi-factor authentication algorithm for mobile money applications

A Thesis Submitted in Fulfillment of the Requirements for the Degree of Doctor of Philosophy in Information and Communication Science and Engineering of the Nelson Mandela African Institution of Science and TechnologyWith the evolution of industry 4.0, financial technologies have become paramount and mobile money as one of the financial technologies has immensely contributed to improving financial inclusion among the unbanked population. Several mobile money schemes were developed but, they suffered severe authentication security challenges since they implemented two-factor authentication. This study focused on developing a secure multi-factor authentication (MFA) algorithm for mobile money applications. It uses personal identification numbers, one-time passwords, biometric fingerprints, and quick response codes to authenticate and authorize mobile money subscribers. Secure hash algorithm-256, Rivest-Shamir-Adleman encryption, and Fernet encryption were used to secure the authentication factors, confidential financial information and data before transmission to the remote databases. A literature review, survey, evolutionary prototyping model, and heuristic evaluation and usability testing methods were used to identify authentication issues, develop prototypes of native genuine mobile money (G-MoMo) applications, and identify usability issues with the interface designs and ascertain their usability, respectively. The results of the review grouped the threat models into attacks against privacy, authentication, confidentiality, integrity, and availability. The survey identified authentication attacks, identity theft, phishing attacks, and PIN sharing as the key mobile money systems’ security issues. The researcher designed a secure MFA algorithm for mobile money applications and developed three native G-MoMo applications to implement the designed algorithm to prove the feasibility of the algorithm and that it provided robust security. The algorithm was resilient to non-repudiation, ensured strong authentication security, data confidentiality, integrity, privacy, and user anonymity, was highly effective against several attacks but had high communication overhead and computational costs. Nevertheless, the heuristic evaluation results showed that the G-MoMo applications’ interface designs lacked forward navigation buttons, uniformity in the applications’ menu titles, search fields, actions needed for recovery, and help and documentation. Similarly, the usability testing revealed that they were easy to learn, effective, efficient, memorable, with few errors, subscriber satisfaction, easy to use, aesthetic, easy to integrate, and understandable. Implementing a secure mobile money authentication and authorisation by combining multiple factors which are securely stored helps mobile money subscribers and other stakeholders to have trust in the developed native G-MoMo applications

Improving the Security of Smartwatch Payment with Deep Learning

Making contactless payments using a smartwatch is increasingly popular, but this payment medium lacks traditional biometric security measures such as facial or fingerprint recognition. In 2022, Sturgess et al. proposed WatchAuth, a system for authenticating smartwatch payments using the physical gesture of reaching towards a payment terminal. While effective, the system requires the user to undergo a burdensome enrolment period to achieve acceptable error levels. In this dissertation, we explore whether applications of deep learning can reduce the number of gestures a user must provide to enrol into an authentication system for smartwatch payment. We firstly construct a deep-learned authentication system that outperforms the current state-of-the-art, including in a scenario where the target user has provided a limited number of gestures. We then develop a regularised autoencoder model for generating synthetic user-specific gestures. We show that using these gestures in training improves classification ability for an authentication system. Through this technique we can reduce the number of gestures required to enrol a user into a WatchAuth-like system without negatively impacting its error rates.Comment: Master's thesis, 74 pages. 32 figure