Document Type: Original Manuscript
Department of Computer Engineering, E-Campus, Islamic Azad University, Tehran, Iran
Department of Computer Engineering, South Tehran Branch, Islamic Azad University, Iran
Providing banking services, especially online banking and electronic payment systems, has always been associated with high concerns about security risks.
In this paper, customer authentication for their transactions in electronic banking has been discussed, and a more appropriate way of using biometric fingerprint data, as well as encrypting those data in a different way, has been suggested. Using fingerprint biometrics increases the security of online payment systems.Biometrics is used in a database in the banking system. The fingerprint biometrics is more reliable and easier to use than other biometrics and can be obtained from anyone with an easy access. In this thesis, according to needs analysis, validation is performed not only by the user but also by the bank itself, according to the standards of the banking system.More precisely, a new protocol, known as Stream Cipher, is developed to generate a one-time password from biometric data, to ensure that security and privacy are maintained. In the suggested system, Ciphering and deciphering user information by issuer bank provides security.The results of the research indicate its proper function compared to other authentication methods. The protocol security analysis also demonstrates the benefits of enhancing security by employing the accelerated encryption methods in the proposed method. The results of the research show The Errors rate (EER, FRR and SFAR) is very low and can be ignored. This method is highly resistant to all kinds of electronic banking attacks, such as phishing and password theft.