The practice of authentication
Proc. of a workshop on the theory and application of cryptographic techniques on Advances in cryptology---EUROCRYPT '85
Message authentication with one-way hash functions
IEEE INFOCOM '92 Proceedings of the eleventh annual joint conference of the IEEE computer and communications societies on One world through communications (Vol. 3)
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
A user authentication scheme not requiring secrecy in the computer
Communications of the ACM
A Design Principle for Hash Functions
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
The MD4 Message Digest Algorithm
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
How to Time-Stamp a Digital Document
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
On Certificate Revocation and Validation
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Certificate revocation system implementation based on the Merkle hash tree
International Journal of Information Security
Collision free hash functions and public key signature schemes
EUROCRYPT'87 Proceedings of the 6th annual international conference on Theory and application of cryptographic techniques
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Certificate revocation and certificate update
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
New or emerging technologies such as e-services, e-/m-commerce, Cyber-payment, mobile banking and pay-as-you-go insurance services are opening up new avenues for criminals to commit computer-related financial fraud and online abuse. This serious situation has been evidenced by the UK Information Security Breach Survey 2004 and the UK National Hi-Tech Crime Unit's recent report, “Hi-Tech Crime: The Impact On UK Business”. It highlights that online financial fraud is one of the most serious e-crimes and takes the lion's share of over 60% of e-crime costs, and most of the financial fraud cases are committed by authorised insiders. Authorised insiders can more easily break the security barrier of a bank or a financial institution due to their operating privileges on the banking automated systems. Failure to detect such cases promptly can lead to (sometimes huge) financial loses and damage the reputation of financial institutions. This paper introduces a real-time fraud detection solution – the Transaction Authentication Service (TAS) – to tackle the problem of transaction manipulation by authorised insiders. The paper also introduces an important building block used in the design of TAS, Automated Banking Certificates (ABCs).