WO2014181308A1 - A method and system for communicating banking-related security messages - Google Patents

Info

Publication number: WO2014181308A1
Authority: WO (WIPO, PCT)
Application number: PCT/IB2014/061334
Other languages: French (fr)
Inventor: Tjaart Van Der Walt
Original assignee: Knowledge Farm Investments Cc
Prior art keywords: security, message, outgoing, time period, messages
Related publications: AU2014264204B2 (priority to AU2014264204A); ZA201508393B (priority to ZA2015/08393A)

Classifications

    • G06Q20/3223 Payment architectures using mobile devices: realising banking transactions through M-devices
    • G06Q20/3255 Payment architectures using wireless networks: using mobile network messaging services for payment, e.g. SMS
    • G06Q20/385 Payment protocols using an alias or single-use codes
    • G06Q20/4012 Transaction verification: verifying personal identification numbers [PIN]
    • H04L63/1441 Network security: countermeasures against malicious traffic
    • H04L63/1475 Network security: passive attacks, e.g. eavesdropping or listening without modification of the traffic monitored
    • H04W12/128 Wireless security, detection or prevention of fraud: anti-malware arrangements, e.g. protection against SMS fraud or mobile malware

Definitions

  • the Applicant believes that the invention as exemplified is advantageous as it provides a relatively unobtrusive method and system 200, 400 for combating a particular type of fraudulent activity. No modification is required to the banking system 102 (other than to render the security code temporary, which many banks do anyway) or to the user's mobile device 108.

Abstract

A method of communicating banking-related security messages, the method including receiving, by a mobile network messaging system (202), a security message (120) from a banking system (104), the security message containing a temporary security code (e.g. a one-time PIN) typically used for a financial transaction, and forwarding the security message (120) to a mobile device (108) of a user. The method includes monitoring outgoing messages from the mobile device (108) for a pre-determined time period after the security message was forwarded and intercepting (220, 420) any outgoing message (122, 322) during the time period if the message (122, 322) contains the security code.

Description

A method and system for communicating banking-related security messages
FIELD OF INVENTION
The invention relates generally to mobile banking and security and specifically to a method and system for communicating banking-related security messages to improve security and inhibit fraud.
BACKGROUND OF INVENTION
As banking increasingly becomes electronic and Internet-based, new methods of fraud are proliferating, and so too are measures to combat such fraud. To increase security of online transactions (whether all transactions or only higher-risk transactions), it is common practice for banks to send a security code (e.g. a One-Time PIN (OTP)) to a user's mobile device (e.g. cellular phone) which the user is then required to recite, e.g. via a web browser, to confirm and complete the transaction. The Applicant is aware of a fraudulent method to defeat or intercept the security code. A fraudster sends bulk communications (typically "phishing"-type communications) containing a link to a malicious program like a virus or malware. If a recipient is tricked into following the link, the malicious program may be installed on his mobile device without his knowledge. The malicious program is configured to recognise messages originating from a bank and incorporating the security code, and to forward it to some pre-programmed destination, e.g. a device of the fraudster. If the fraudster also has the user's banking details, then these, together with the security code, may be sufficient to conclude a fraudulent transaction on the user's bank account.
The Applicant wishes to reduce opportunities for fraudsters and accordingly desires a method and system for communicating banking-related security messages to improve security and inhibit fraud.
SUMMARY OF INVENTION
According to one aspect of the invention, there is provided a method of communicating banking-related security messages, the method including:
receiving, by a mobile network messaging system, a security message from a banking system, the security message containing a temporary security code; forwarding the security message to a mobile device of a user;
monitoring outgoing messages from the mobile device for a pre-determined time period after the security message was forwarded; and
intercepting any outgoing message during the time period if the message contains the security code.
The pre-determined time period may match the period for which the security code is temporarily valid. If not already done, the banking system may be required to render their security codes temporary, e.g. so that they timeout after a period of time elapses.
The step of intercepting may include blocking or merely delaying the outgoing message. The method may include sending a monitoring notification request from a device in one type of system to a device in the same type of system (e.g. a signalling system), in the case where the security message and the outgoing message use the same communication protocols. The method may include sending a monitoring notification request from a device in one type of system (e.g. a signalling system) to a device in another type of system (e.g. a packet-based system), in the case where the security message and the outgoing message use different communication protocols.
The method may include configuring a firewall in a packet-based system to intercept any outgoing packet-based messages during the time period if the message contains the security code.
The invention extends to a messaging system for communicating banking-related security messages, the system being operable to receive a security message from a banking system, the security message containing a temporary security code, and to forward the security message to a mobile device of a user, the system including: a monitoring module operable to monitor outgoing messages from the mobile device for a pre-determined time period after the security message was forwarded; and
a security module operable to intercept any outgoing message during the time period if the message contains the security code.
The messaging system may be in the form of a messaging gateway. The security message and the outgoing message may use the same communication protocols. The messaging gateway may be an SMS gateway or a USSD gateway.
The security message and the outgoing message may use different communication protocols. The monitoring module may be operable to monitor one protocol and is operable to send a monitoring notification to the security module of another protocol.
The security module may be in the form of a firewall operable to intercept any outgoing packet-based messages during the time period if the message contains the security code.
The messaging system may include a processor and a computer-readable medium having stored thereon a computer program operable to direct the operation of the processor. The monitoring and security modules may be conceptual modules corresponding to functional tasks performed by the processor.
The invention extends to a non-transitory computer-readable medium having stored thereon a computer program which, when executed by a computer, causes the computer to perform the method as defined above.
BRIEF DESCRIPTION OF DRAWINGS
The invention will now be further described, by way of example, with reference to the accompanying diagrammatic drawings.
In the drawings: FIG. 1 shows a schematic view of a PRIOR ART messaging system for communicating banking-related security messages;
FIG. 2 shows a flow diagram of a messaging system for communicating banking-related security messages, in accordance with the invention;
FIG. 3 shows a schematic view of an alternative PRIOR ART messaging system for communicating banking-related security messages;
FIG. 4 shows a flow diagram of an alternative messaging system for communicating banking-related security messages, in accordance with the invention; and
FIG. 5 shows a schematic view of a computer within which a set of instructions for causing the computer to perform any one or more of the methodologies discussed herein may be executed.
DETAILED DESCRIPTION OF EXAMPLE EMBODIMENT
FIG. 1 shows a prior art system 100 (as outlined in the BACKGROUND OF INVENTION section) in which malicious code 110 has (unbeknownst to a user) been installed on his mobile device 108. When he attempts an Internet-based banking transaction from his computer (not illustrated), the banking system 104 sends (path 120) him a security message comprising a security code via a mobile network 104 including a messaging system 106. The malicious code 110 forwards (path 122) the security message, or merely a derivative thereof including the security code, to the fraudster's device 112 which may then be used to perpetrate fraud.
FIG. 2 shows a system 200, in accordance with the present invention, which is intended to address the security issue outlined in FIG. 1. A messaging system 202 (e.g. SMS or USSD gateway) has been configured to include a monitoring module 204 and a security module 206. If not already done, the banking system 104 reconfigures its security codes to be temporary, i.e. valid only for a short period, e.g. 1 minute.
When the user logs into his Internet banking and initiates a transaction requiring a security code (e.g. OTP), the banking system 104 sends a security message (path 120) via the messaging system 202 to a telephone number of the mobile device 108 associated with the user's banking profile - in conventional fashion. However, in accordance with the invention, the monitoring module 204 monitors messages and recognises the message 120 as a security message. This may be based on its origin (i.e. from the banking system 104) or its content, e.g. by comparing it to known bank security message formats, or other means. The monitoring module 204 preferably has prior knowledge of the time period for which the security code in the security message 120 is valid.
The monitoring module 204 then monitors all outbound messages from the mobile device 108 during the validity period to determine whether or not any of the outbound messages are a copy or derivative of the security message, in other words, whether or not they include the security code. If so, the security module 206 intercepts (at block 220) the outbound message, which is likely a fraudulent copy of the security message. Depending on the configuration, the security module 206 may discard the message completely, or merely delay/quarantine it until the validity time period of the security code has elapsed. By quarantining the message, if it was a fraudulent copy, the security code will be useless as it would have timed-out. If there was a legitimate reason for sending the message, then it will still be delivered, albeit a minute or so delayed.
Also, if desired, the security module 206 can be configured to send an alert message notifying of the fraud attempt, possibly including a destination telephone number or network address of the fraudster device 112. The alert message may be sent to the bank, the user, and/or other concerned parties.
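The gateway-side procedure of the Summary and of FIG. 2 (recognise the security message, watch the device's outbound messages for the validity period, block or quarantine a copy, raise an alert naming the destination), as an added Python illustration that is not the patent's code. The bank sender ID "BANK", the six-digit OTP format, the 60-second validity period and every class and function name are assumptions, and all messages are constructed for the example. The clock is passed in explicitly so the timing of the quarantine can be followed.

```python
from __future__ import annotations
import re
from dataclasses import dataclass
from typing import Optional

# Added, hypothetical illustration of the FIG. 2 gateway; not the patent's code.
# Assumptions: bank security messages are recognised by their sender ID ("BANK"),
# the security code is a 6-digit OTP, and it is valid for 60 seconds.
BANK_SENDER_IDS = {"BANK"}
OTP_PATTERN = re.compile(r"\b(\d{6})\b")
VALIDITY_SECONDS = 60.0

@dataclass
class Message:
    sender: str      # MSISDN or sender ID
    recipient: str
    text: str

@dataclass
class SecurityCodeWatch:
    device: str      # MSISDN the security message was forwarded to
    code: str
    expires_at: float

@dataclass
class Interception:
    action: str      # "blocked" or "quarantined"
    message: Message
    alert: str       # alert text for the bank / user, naming the destination

def contains_code(text: str, code: str) -> bool:
    """Match on the digit string only, so a derivative such as '48 29 13' is caught."""
    return code in re.sub(r"\D", "", text)

class MessagingGateway:
    """SMS/USSD gateway with the monitoring module (watch registry) and the
    security module (intercept) of FIG. 2. The clock is passed in explicitly."""

    def __init__(self, mode: str = "quarantine"):
        assert mode in ("block", "quarantine")
        self.mode = mode
        self.watches: list[SecurityCodeWatch] = []
        self.quarantine: list[tuple[float, Message]] = []   # (release_at, message)
        self.delivered: list[Message] = []
        self.interceptions: list[Interception] = []

    # monitoring module ------------------------------------------------------
    def recognise_security_code(self, msg: Message) -> Optional[str]:
        """Recognise a security message by its origin, then extract the code."""
        if msg.sender not in BANK_SENDER_IDS:
            return None
        m = OTP_PATTERN.search(msg.text)
        return m.group(1) if m else None

    def inbound(self, msg: Message, now: float) -> None:
        """Forward a message to the device; start a watch if it carries a code."""
        code = self.recognise_security_code(msg)
        if code:
            self.watches.append(SecurityCodeWatch(msg.recipient, code, now + VALIDITY_SECONDS))
        self.delivered.append(msg)

    def _active_watch(self, device: str, text: str, now: float) -> Optional[SecurityCodeWatch]:
        self.watches = [w for w in self.watches if w.expires_at > now]   # drop expired watches
        for w in self.watches:
            if w.device == device and contains_code(text, w.code):
                return w
        return None

    # security module --------------------------------------------------------
    def outbound(self, msg: Message, now: float) -> str:
        """Handle a message leaving the device: 'delivered', 'blocked' or 'quarantined'."""
        self.release_quarantine(now)
        watch = self._active_watch(msg.sender, msg.text, now)
        if watch is None:
            self.delivered.append(msg)
            return "delivered"
        alert = f"security code copied from {msg.sender} towards {msg.recipient}"
        if self.mode == "block":
            self.interceptions.append(Interception("blocked", msg, alert))
            return "blocked"
        # hold the message until the code has timed out: a copy is then useless,
        # while a legitimate message is still delivered, about a minute late
        self.quarantine.append((watch.expires_at, msg))
        self.interceptions.append(Interception("quarantined", msg, alert))
        return "quarantined"

    def release_quarantine(self, now: float) -> list[Message]:
        """Deliver quarantined messages whose validity period has elapsed."""
        due = [m for (t, m) in self.quarantine if t <= now]
        self.quarantine = [(t, m) for (t, m) in self.quarantine if t > now]
        self.delivered.extend(due)
        return due

def demo() -> dict:
    """Constructed traffic: one bank OTP, one malware forward, one normal message."""
    gw = MessagingGateway(mode="quarantine")
    gw.inbound(Message("BANK", "27820000001", "Your one-time PIN is 482913. It expires in 1 minute."), now=0.0)
    copy_in_window = gw.outbound(Message("27820000001", "27829999999", "otp 48 29 13"), now=5.0)
    unrelated = gw.outbound(Message("27820000001", "27821234567", "see you at 6"), now=6.0)
    released = gw.release_quarantine(now=60.0)   # the held copy is delivered once the code has expired
    copy_after_window = gw.outbound(Message("27820000001", "27829999999", "482913"), now=61.0)
    return {"copy_in_window": copy_in_window, "unrelated": unrelated,
            "released": len(released), "copy_after_window": copy_after_window,
            "alerts": [i.alert for i in gw.interceptions]}

if __name__ == "__main__":
    print(demo())
```

The quarantine branch holds the message until the watch expires, which is exactly the behaviour the description relies on: a forwarded copy reaches the fraudster only after the code has timed out, and a legitimate message is still delivered. Matching is done on the digit string after stripping separators, so a derivative such as "48 29 13" is caught, but a copy the malware has re-encoded is not, and matching on digits alone can misfire on an unrelated message that happens to contain the same digit run inside the window.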
FIG. 3 shows an alternative prior art system 300 in which malicious code 110 forwards (path 322) the security message, or merely a derivative thereof including the security code, via a packet-based or packet-switched system 306 to the fraudster device 112. The network 304 may thus include the messaging system (now referred to as a telephone signalling messaging system 106) and packet-based devices, e.g. including the Internet. The fraudulent copy of the security message may therefore be an IP (Internet Protocol) message, e.g. email, IM, or the like.
FIG. 4 shows a system 400, in accordance with the present invention, which is intended to combat the fraud technique of FIG. 3. The signalling messaging system 401 still includes a monitoring module 404 which has been slightly modified from that in FIG. 2. In response to receipt of a security message, the monitoring module 404 sends a monitoring notification request 410 to configure or trigger a security module in the form of a firewall 406 in the packet-based system 402. The monitoring notification 410 may include an indication of the security code and of the lockout period. The firewall 406 will then monitor outgoing packet-based messages from the mobile device 108 during the validity period to determine whether or not any of the outbound messages are a copy or derivative of the security message, in other words, whether or not they include the security code. If so, the firewall 406 intercepts (at block 420) the outbound message, which is likely a fraudulent copy of the security message. The firewall 406 need only monitor outgoing messages/communications for the lockout period (i.e. the period for which the security code is valid). The firewall 406 may be an internal or external firewall.
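The cross-protocol arrangement of FIG. 4, as an added Python illustration that is not the patent's code: the monitoring notification request 410 carries the code and the lockout period from the signalling side to a packet-side firewall, which inspects a subscriber's outbound packet messages only while a lockout is live and forgets the subscriber as soon as it has passed. MonitoringNotification, PacketFirewall, the use of the MSISDN as the subscriber identifier on the packet side and the message shapes are assumptions, and all traffic is constructed for the example. The third case in demo() goes beyond the description to show the check's blind spot: a payload whose digits the firewall cannot read in clear.

```python
from __future__ import annotations
import base64
import re
from dataclasses import dataclass

# Added, hypothetical illustration of the FIG. 4 arrangement; not the patent's code.
# Assumptions: the packet side identifies the mobile device by its MSISDN, the
# notification carries the code itself, and the firewall sees payloads in clear.

@dataclass(frozen=True)
class MonitoringNotification:
    """Monitoring notification request 410 from the signalling side."""
    subscriber: str
    code: str
    lockout_seconds: float

@dataclass
class PacketMessage:
    subscriber: str
    protocol: str        # label only: "smtp", "im", "http"
    destination: str
    payload: str

DIGIT_RUN = re.compile(r"\d(?:[ .\-]?\d)+")    # digits with optional single separators

def carries_code(payload: str, code: str) -> bool:
    """True if a digit run in the payload, separators stripped, contains the code.
    Matching per run rather than over the whole payload limits false positives."""
    return any(code in re.sub(r"\D", "", run) for run in DIGIT_RUN.findall(payload))

class PacketFirewall:
    """Security module on the packet-based system: a per-subscriber lockout table,
    consulted only while a lockout is live."""

    def __init__(self) -> None:
        self._lockouts: dict[str, list[tuple[str, float]]] = {}   # subscriber -> [(code, expires_at)]
        self.alerts: list[str] = []

    def handle_notification(self, n: MonitoringNotification, now: float) -> None:
        self._lockouts.setdefault(n.subscriber, []).append((n.code, now + n.lockout_seconds))

    def live_codes(self, subscriber: str, now: float) -> list[str]:
        """Codes still within their lockout period; expired entries are purged."""
        live = [(c, t) for (c, t) in self._lockouts.get(subscriber, []) if t > now]
        if live:
            self._lockouts[subscriber] = live
        else:
            self._lockouts.pop(subscriber, None)   # nothing to watch: stop inspecting this subscriber
        return [c for (c, _) in live]

    def egress(self, msg: PacketMessage, now: float) -> str:
        """Decide 'pass' or 'drop' for an outbound packet-based message."""
        codes = self.live_codes(msg.subscriber, now)
        if not codes:
            return "pass"          # outside any lockout period: no content inspection at all
        for code in codes:
            if carries_code(msg.payload, code):
                self.alerts.append(
                    f"{msg.protocol} from {msg.subscriber} to {msg.destination} carried a security code")
                return "drop"
        return "pass"

def demo() -> dict:
    """Constructed traffic for one subscriber during and after a 60 s lockout."""
    fw = PacketFirewall()
    sub = "27820000001"
    fw.handle_notification(MonitoringNotification(sub, "482913", 60.0), now=0.0)
    email_in_window = fw.egress(PacketMessage(sub, "smtp", "drop@example.invalid", "code: 48-29-13"), now=10.0)
    im_other_digits = fw.egress(PacketMessage(sub, "im", "friend", "call me on 0821234567"), now=11.0)
    hidden = base64.b64encode(b"482913").decode()                 # "NDgyOTEz": no digit run to match
    encoded_in_window = fw.egress(PacketMessage(sub, "http", "c2.invalid", f"q={hidden}"), now=12.0)
    email_after_window = fw.egress(PacketMessage(sub, "smtp", "drop@example.invalid", "482913"), now=61.0)
    return {"email_in_window": email_in_window, "im_other_digits": im_other_digits,
            "encoded_in_window": encoded_in_window, "email_after_window": email_after_window,
            "alerts": len(fw.alerts)}

if __name__ == "__main__":
    print(demo())
```

The firewall purges a subscriber's lockout as soon as its period has passed, so outside that window it performs no content inspection at all, which is the "need only monitor for the lockout period" point above. The blind spot matters in practice: the firewall can only match a code it can see, so a copy that the malware re-encodes (base64 here) or sends over an encrypted channel passes unless the traffic is decoded or TLS is terminated at the firewall.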
FIG. 5 shows a diagrammatic representation of a computer 500 within which a set of instructions, for causing the computer 500 to perform any one or more of the methodologies discussed herein, may be executed. In alternative embodiments, the computer 500 operates as a standalone device or may be connected (e.g. networked) to other computers. In a networked deployment, the computer may operate in the capacity of a server or a client computer in a server-client network environment, or as a peer computer in a peer-to-peer (or distributed) network environment. The computer 500 may be a personal computer (PC), a tablet PC, a set-top box (STB), a Personal Digital Assistant (PDA), a cellular telephone, a web appliance, a network router, switch or bridge, or any computer capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that computer. Further, while only a single computer 500 is illustrated, the term "computer" shall also be taken to include any collection of computers that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein.
The example computer 500 includes a processor 502 (e.g., a central processing unit (CPU), a graphics processing unit (GPU) or both), a main memory 504 and a static memory 506, which communicate with each other via a bus 508. The computer 500 may further include a video display unit 510 (e.g., a liquid crystal display (LCD)). The computer 500 also includes an alphanumeric input device 512 (e.g., a keyboard), a user interface (Ul) navigation device 514 (e.g., a mouse), a disk drive unit 516, a signal generation device 518 (e.g., a speaker) and a network interface device 520.
The disk drive unit 516 includes a computer-readable medium 522 on which is stored one or more sets of instructions and data structures (e.g., software 524) embodying or utilised by any one or more of the methodologies or functions described herein. The software 524 may also reside, completely or at least partially, within the main memory 504 and/or within the processor 502 during execution thereof by the computer 500, the main memory 504 and the processor 502 also constituting computer-readable media.
The software 524 may further be transmitted or received over a network 526 via the network interface device 520 utilising any one of a number of well-known transfer protocols (e.g., HTTP, UDP, TCP, USSD, FTP). While the computer-readable medium 522 is shown in an example embodiment to be a single medium, the term "computer-readable medium" should be taken to include a single medium or multiple media (e.g., a centralised or distributed database, and/or associated caches and servers) that store the one or more sets of instructions. The term "computer-readable medium" shall also be taken to include any medium that is capable of storing, encoding or carrying a set of instructions for execution by the computer and that cause the computer to perform any one or more of the methodologies of the present embodiments, or that is capable of storing, encoding or carrying data structures utilised by or associated with such a set of instructions. The term "computer-readable medium" shall accordingly be taken to include, but not be limited to, solid-state memories, optical and magnetic media, and carrier wave signals.
The messaging system 106 may be in the form of the computer 500, or may include some components thereof.
The Applicant believes that the invention as exemplified is advantageous as it provides a relatively unobtrusive method and system 200, 400 for combating a particular type of fraudulent activity. No modification is required to the banking system 102 (other than to render the security code temporary, which many banks do anyway) or to the user's mobile device 108.

Claims

THE INVENTION CLAIMED IS:
1. A method of communicating banking-related security messages, the method including:
receiving, by a mobile network messaging system, a security message from a banking system, the security message containing a temporary security code;
forwarding the security message to a mobile device of a user;
monitoring outgoing messages from the mobile device for a predetermined time period after the security message was forwarded; and
intercepting any outgoing message during the time period if the message contains the security code.
2. The method as claimed in claim 1, in which the predetermined time period matches the period for which the security code is temporarily valid.
3. The method as claimed in claim 1, in which the intercepting includes:
blocking the outgoing message; or
delaying the outgoing message.
4. The method as claimed in claim 1, in which the security message and the outgoing message use the same communication protocols.
5. The method as claimed in claim 1, in which the security message and the outgoing message use different communication protocols.
6. The method as claimed in claim 5, which includes sending a monitoring notification request from a device in a signalling system to a device in a packet-based system.
7. The method as claimed in claim 1, which includes configuring a firewall in a packet-based system to intercept any outgoing packet-based messages during the time period if the message contains the security code.
8. A messaging system for communicating banking-related security messages, the system being operable to receive a security message from a banking system, the security message containing a temporary security code, and to forward the security message to a mobile device of a user, the system including:
a monitoring module operable to monitor outgoing messages from the mobile device for a predetermined time period after the security message was forwarded; and
a security module operable to intercept any outgoing message during the time period if the message contains the security code.
9. The messaging system as claimed in claim 8, which is in the form of a messaging gateway and in which the security message and the outgoing message use the same communication protocols.
10. The messaging system as claimed in claim 9, in which the messaging gateway is an SMS gateway or a USSD gateway.
11. The messaging system as claimed in claim 8, in which the security message and the outgoing message use different communication protocols.
12. The messaging system as claimed in claim 11, in which the monitoring module is operable to monitor one protocol and is operable to send a monitoring notification to the security module of another protocol.
13. The messaging system as claimed in claim 8, in which the security module is in the form of a firewall operable to intercept any outgoing packet-based messages during the time period if the message contains the security code.
14. A non-transitory computer-readable medium having stored thereon a computer program which, when executed by a computer, causes the computer to perform the method as claimed in claim 1.
PCT/IB2014/061334 2013-05-10 2014-05-09 A method and system for communicating banking-related security messages WO2014181308A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2014264204A AU2014264204B2 (en) 2013-05-10 2014-05-09 A method and system for communicating banking-related security messages
ZA2015/08393A ZA201508393B (en) 2013-05-10 2015-11-13 A method and system for communicating banking-related security messages

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ZA201303434 2013-05-10
ZA2013/03434 2013-05-10

Publications (1)

Publication Number Publication Date
WO2014181308A1 true WO2014181308A1 (en) 2014-11-13

Family

ID=51866865

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2014/061334 WO2014181308A1 (en) 2013-05-10 2014-05-09 A method and system for communicating banking-related security messages

Country Status (3)

Country Link
AU (1) AU2014264204B2 (en)
WO (1) WO2014181308A1 (en)
ZA (1) ZA201508393B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030172166A1 (en) * 2002-03-08 2003-09-11 Paul Judge Systems and methods for enhancing electronic communication security
US20080010191A1 (en) * 2006-07-06 2008-01-10 Firethorn Holdings, Llc Methods and Systems For Providing a Payment in a Mobile Environment
US20120011066A1 (en) * 2010-07-12 2012-01-12 Telle Todd N Methods and systems for authenticating an identity of a payer in a financial transaction
US20130054468A1 (en) * 2011-08-25 2013-02-28 Platamovil International BV System and method for conducting financial transactions

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009516306A (en) * 2005-11-15 2009-04-16 クレアメイル・インコーポレイテッド Application access using message links
WO2009005698A1 (en) * 2007-06-28 2009-01-08 Applied Identity Computer security system
WO2010011179A1 (en) * 2008-07-25 2010-01-28 Resolvo Systems Pte Ltd System and method for preventing leakage of sensitive digital information on a digital communication network

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ALOUL ET AL.: "Two factor authentication using mobile phones.", COMPUTER SYSTEMS AND APPLICATIONS, 2009. AICCSA 2009. IEEE /ACS INTERNATIONAL CONFERENCE ON., 2009, Retrieved from the Internet <URL:http://staff.aub.edu.lb/~we07/Publications/Two%20Factor%20Authentication%20Using%20Mobile%20Phones.pdf> [retrieved on 20140812] *
TSAI ET AL.: "Trusted M-banking Verification Scheme based on a combination of OTP and Biometrics.", JOURNAL OF CONVERGENCE, vol. 3.3, September 2012 (2012-09-01), pages 23 - 30., Retrieved from the Internet <URL:http://www.ftrai.org/joc/vol3no3/b101.pdf> [retrieved on 20140812] *

Also Published As

Publication number Publication date
ZA201508393B (en) 2017-09-27
AU2014264204B2 (en) 2019-04-18
AU2014264204A1 (en) 2015-12-03

Similar Documents

Publication Publication Date Title
US11050786B2 (en) Coordinated detection and differentiation of denial of service attacks
Alomari et al. Botnet-based distributed denial of service (DDoS) attacks on web servers: classification and art
US9954873B2 (en) Mobile device-based intrusion prevention system
KR101554809B1 (en) System and method for protocol fingerprinting and reputation correlation
US8949978B1 (en) Efficient web threat protection
US8856913B2 (en) Method and protection system for mitigating slow HTTP attacks using rate and time monitoring
US8161538B2 (en) Stateful application firewall
US20130291107A1 (en) System and Method for Mitigating Application Layer Distributed Denial of Service Attacks Using Human Behavior Analysis
US9118619B2 (en) Prevention of cross site request forgery attacks by conditional use cookies
WO2015007231A1 (en) Method and device for identification of malicious url
US20140137189A1 (en) Cross-site request forgery protection
Chhikara et al. Phishing & anti-phishing techniques: Case study
Kavisankar et al. A mitigation model for TCP SYN flooding with IP spoofing
Wueest The continued rise of DDoS attacks
Cambiaso et al. Mobile executions of slow DoS attacks
Al‐Hammouri et al. ReCAP: a distributed CAPTCHA service at the edge of the network to handle server overload
Leavitt Instant messaging: a new target for hackers
AU2014264204B2 (en) A method and system for communicating banking-related security messages
US11736528B2 (en) Low latency cloud-assisted network security with local cache
WO2007122495A2 (en) A framework for protecting resource-constrained network devices from denial-of-service attacks
Patayo A Preventive and Detective Model for Phishing Attack in Small and Medium Size Businesses
Tiwari et al. Analysis of cyber attack vectors
KR101595379B1 (en) Control and blocking system for e-mail attached malignant code
Pu et al. Threat analysis of smart mobile device
US10757078B2 (en) Systems and methods for providing multi-level network security

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
    Ref document number: 14795392; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase
    Ref country code: DE
ENP Entry into the national phase
    Ref document number: 2014264204; Country of ref document: AU; Date of ref document: 20140509; Kind code of ref document: A
122 Ep: pct application non-entry in european phase
    Ref document number: 14795392; Country of ref document: EP; Kind code of ref document: A1