A method and system for communicating banking-related security messages
FIELD OF INVENTION
The invention relates generally to mobile banking and security and specifically to a method and system for communicating banking-related security messages to improve security and inhibit fraud.
BACKGROUND OF INVENTION
As banking increasingly becomes electronic and Internet-based, new methods of fraud are proliferating, and so too are measures to combat such fraud. To increase security of online transactions (whether all transactions or only higher risk transactions), it is common practice for banks to send a security code (e.g. a One
Time PIN (OTP)) to a user's mobile device (e.g. cellular phone) which the user is then required to recite, e.g. via a web browser, to confirm and complete the transaction. The Applicant is aware of a fraudulent method to defeat or intercept the security code. A fraudster sends bulk communications (typically "phishing"-type communications) containing a link to a malicious program like a virus or malware. If a recipient is tricked into following the link, the malicious program may be installed on his mobile device without his knowledge. The malicious program is configured to recognise messages originating from a bank and incorporating the security code, and to forward it to some pre-programmed destination, e.g. a device of the fraudster. If the fraudster all has the user's banking details, then these, together with the security code, may be sufficient to conclude a fraudulent transaction on the user's bank account.
The Applicant wishes to reduce opportunities for fraudsters and accordingly desires a method and system for communicating banking-related security messages to improve security and inhibit fraud.
SUMMARY OF INVENTION
According to one aspect of the invention, there is provided a method of communicating banking-related security messages, the method including:
receiving, by a mobile network messaging system, a security message from a banking system, the security message containing a temporary security code; forwarding the security message to a mobile device of a user;
monitoring outgoing messages from the mobile device for a pre-determined time period after the security message was forwarded; and
intercepting any outgoing message during the time period if the message contains the security code.
The pre-determined time period may match the period for which the security code is temporarily valid. If not already done, the banking system may be required to render their security codes temporary, e.g. so that they timeout after a period of time elapses.
The step of intercepting may include blocking or merely delaying the outgoing message. The method may include sending a monitoring notification request from a device in one type of system to a device in the same type of system (e.g. a signalling system), in the case where the security message and the outgoing messaging use the same communication protocols. The method may include sending a monitoring notification request from a device in one type of system (e.g. a signalling system) to a device in another system (e.g. a packet-based system), in the case where the security message and the outgoing messaging use different communication protocols. The method may include sending a monitoring notification request from a device in one type of system (e.g. a signalling system) to a device in another system (e.g. a packet-based system).
The method may include configuring a firewall in a packet-based system to intercept any outgoing packet-based messages during the time period if the message contains the security code.
The invention extends to a messaging system for communicating banking-related security messages, the system being operable to receive a security message from a
banking system, the security message containing a temporary security code, and to forward the security message to a mobile device of a user, the system including: a monitoring module operable to monitor outgoing messages from the mobile device for a pre-determined time period after the security message was forwarded; and
a security module operable to intercept any outgoing message during the time period if the message contains the security code.
The messaging system may be in the form of a messaging gateway. The security message and the outgoing message may use the same communication protocols. The messaging gateway may be an SMS gateway or a USSD gateway.
The security message and the outgoing message may use different communication protocols. The monitoring module may be operable to monitor one protocol and is operable to send a monitoring notification to the security module of another protocol.
The security module may be in the form of a firewall operable to intercept any outgoing packet-based messages during the time period if the message contains the security code.
The messaging system may include a processor and a computer-readable medium having stored thereon a computer program operable to direct the operation of the processor. The monitoring and security modules may be conceptual modules corresponding to functional tasks performed by the processor.
The invention extends to a non-transitory computer-readable medium having stored thereon a computer program which, when executed by a computer, causes the computer to perform the method as defined above.
BRIEF DESCRIPTION OF DRAWINGS
The invention will now be further described, by way of example, with reference to the accompanying diagrammatic drawings.
In the drawings:
FIG. 1 shows a schematic view of a PRIOR ART messaging system for communicating banking-related security messages;
FIG. 2 shows a flow diagram of a messaging system for communicating banking-related security messages, in accordance with the invention;
FIG. 3 shows a schematic view of an alternative PRIOR ART messaging system for communicating banking-related security messages;
FIG. 4 shows a flow diagram of an alternative messaging system for communicating banking-related security messages, in accordance with the invention; and
FIG. 5 shows a schematic view of a computer within which a set of instructions for causing the computer to perform any one or more of the methodologies discussed herein may be executed.
DETAILED DESCRIPTION OF EXAMPLE EMBODIMENT
FIG. 1 shows a prior art system 100 (as outlined in the BACKGROUND OF INVENTION section) in which malicious code 1 10 has (unbeknownst to a user) been installed on his mobile device 108. When he attempts an Internet-based banking transaction from his computer (not illustrated), the banking system 104 sends (path 120) him a security message comprising a security code via a mobile network 104 including a messaging system 106. The malicious code 1 10 forwards (path 122) the security message, or merely a derivative thereof including the security code, to the fraudster's device 1 12 which may then be used to perpetrate fraud.
FIG. 2 shows a system 200, in accordance with the present invention, which is intended to address the security issue outlined in FIG. 1 . A messaging system 202 (e.g. SMS or USSD gateway) has been configured to include a monitoring module 204 and a security module 206. If not already done, the banking system 104 reconfigures its security codes to be temporary, i.e. only fixed for a short period, e.g. 1 minute.
When the user logs into his Internet banking and initiates a transaction requiring a security code (e.g. OTP), the banking system 104 sends a security message (path 120) via the messaging system 202 to a telephone number of the mobile device 108 associated with the user's banking profile - in conventional fashion. However, in accordance with the invention, the monitoring module 204 monitors messages and recognises the message 120 as a security message. This may be based on its origin (i.e. from the banking system 104) or its content, e.g. by comparing it to known bank security message formats, or other means. The monitoring module 204 preferably
has prior knowledge of the time period for which the security code in the security message 120 is valid.
The monitoring module 204 then monitors all outbound messages from the mobile device 108 during the validity period to determine whether or not any of the outbound messages are a copy or derivative of the security message, in other words, whether or not they include the security code. If so, the security module 206 intercepts (at block 220) the outbound message, which is likely a fraudulent copy of the security message. Depending on the configuration, the security module 206 may discard the message completely, or merely delay/quarantine it until the validity time period of the security code has elapsed. By quarantining the message, if it was a fraudulent copy, the security code will be useless as it would have timed-out. If there was a legitimate reason for sending the message, then it will still be delivered, albeit a minute or so delayed.
Also, if desired, the security module 206 can be configured to send an alert message notifying of the fraud attempt, possibly including a destination telephone number or network address of the fraudster device 1 12. The alert message may be send to the bank, the user, and/or other concerned parties.
FIG. 3 shows an alternative prior art system 300 in which malicious code 1 10 forwards (path 322) the security message, or merely a derivative thereof including the security code, via a packet-based or packet-switched system 306 to the fraudster device 1 12. The network 304 may thus include the messaging system (now referred to as a telephone signalling messaging system 106) and packet-based devices, e.g. including the Internet. The fraudulent copy of the security message may therefore be an IP (Internet Protocol) message, e.g. email, IM, or the like.
FIG. 4 shows a system 400, in accordance with the present invention, which is intended to combat the fraud technique of FIG. 3. The signalling messaging system
401 still includes a monitoring module 404 which has been slightly modified from that in FIG. 2. In response to receipt of a security message, the monitoring module 404 sends a monitoring notification request 410 to configure or trigger a security module in the form of a firewall 406 in the packet-based system 402. The monitoring notification 410 may include an indication of the security code and of the lockout period. The firewall 406 will then monitor outgoing packet-based messages from the mobile device 108 during the validity period to determine whether or not any of the outbound messages are a copy or derivative of the security message, in other words, whether or not they include the security code. If so, the firewall 406 intercepts (at block 420) the outbound message, which is likely a fraudulent copy of the security message. The firewall 406 need only monitor outgoing messages/communications
for the lockout period (i.e. the period for which the security code is valid). The firewall 406 may be an internal or external firewall.
FIG. 5 shows a diagrammatic representation of a computer 500 within which a set of instructions, for causing the computer 500 to perform any one or more of the methodologies discussed herein, may be executed. In alternative embodiments, the computer 500 operates as a standalone device or may be connected (e.g. networked) to other computers. In a networked deployment, the computer may operate in the capacity of a server or a client computer in a server-client network environment, or as a peer computer in a peer-to-peer (or distributed) network environment. The computer 500 may be a personal computer (PC), a tablet PC, a set-top box (STB), a Personal Digital Assistant (PDA), a cellular telephone, a web appliance, a network router, switch or bridge, or any computer capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that computer. Further, while only a single computer 500 is illustrated, the term "computer" shall also be taken to include any collection of computer that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein.
The example computer 500 includes a processor 502 (e.g., a central processing unit (CPU), a graphics processing unit (GPU) or both), a main memory 504 and a static memory 506, which communicate with each other via a bus 508. The computer 500 may further include a video display unit 510 (e.g., a liquid crystal display (LCD)). The computer 500 also includes an alphanumeric input device 512 (e.g., a keyboard), a user interface (Ul) navigation device 514 (e.g., a mouse), a disk drive unit 516, a signal generation device 518 (e.g., a speaker) and a network interface device 520.
The disk drive unit 516 includes a computer-readable medium 522 on which is stored one or more sets of instructions and data structures (e.g., software 524) embodying or utilised by any one or more of the methodologies or functions described herein. The software 524 may also reside, completely or at least partially, within the main memory 504 and/or within the processor 502 during execution thereof by the computer 500, the main memory 504 and the processor 502 also constituting computer-readable media.
The software 524 may further be transmitted or received over a network 526 via the network interface device 520 utilising any one of a number of well-known transfer protocols (e.g., HTTP, UDP, TCP, USSD, FTP).
While the computer-readable medium 522 is shown in an example embodiment to be a single medium, the term "computer-readable medium" should be taken to include a single medium or multiple media (e.g., a centralised or distributed database, and/or associated caches and servers) that store the one or more sets of instructions. The term "computer-readable medium" shall also be taken to include any medium that is capable of storing, encoding or carrying a set of instructions for execution by the computer and that cause the computer to perform any one or more of the methodologies of the present embodiments, or that is capable of storing, encoding or carrying data structures utilised by or associated with such a set of instructions. The term "computer-readable medium" shall accordingly be taken to include, but not be limited to, solid-state memories, optical and magnetic media, and carrier wave signals.
The messaging system 106 may be in the form of the computer 500, or may include some components thereof.
The Applicant believes that the invention as exemplified is advantageous as it provides a relatively unobtrusive method and system 200, 400 for combating a particular type of fraudulent activity. No modification is required to the banking system 102 (other than to render the security code temporary, which many banks do anyway) or to the user's mobile device 108.