complete m-banking srs`1
TRANSCRIPT
-
8/12/2019 COMPLETE m-Banking SRS`1
1/28
Mobile Banking (M-Banking)
Software requirement Specification
S.S.Jain Subodh College
Jaipur-202021
Team MembersChanchal Garg
Anju Khandelwal
Project Guide
-
8/12/2019 COMPLETE m-Banking SRS`1
2/28
INDEX
1. Introduction
1.1 Objective 05
1.2 Purpose 05
1.3 A Mobile Banking Conceptual Model 0
1.! "e#initions and Abbreviations 0$
1.5 %e#erences 0&
1. Overvie' 0&
1.$ (ools to be used 12
1.) (ec*nologies to be used 13
2. Overall Description
2.1 Product Perspective 1!
2.2 +et'ork Con#iguration 1$
2.3 ,o#t'are -eatures 1)
2.! ,ervice Overvie' 20
2.5 Bene#its 20
2. nter#aces and Protocols 22
3. Security, Operation and Maintenance
3.1 ,calabilit/ 23
3.2 ndtoend ,ecurit/ 23
3.3 ,ecurit/ and Con#identialit/ o# in#oration 2!
-
8/12/2019 COMPLETE m-Banking SRS`1
3/28
3.! ,trong 2-actor Aut*entication 25
3.5 "ata ntegrit/ 25
3. +on%epudiation 25
3.$ Cr/ptograp*ic Operations 2
3.) (ransaction -lo' 2$
3.& Operating ,/ste %euireents 2)
3.10 Operation and Maintenance 2&
1. ntroduction4
-
8/12/2019 COMPLETE m-Banking SRS`1
4/28
Mobile bankinalso kno'n as MBanking or ,M, Banking6 is a ter used #or
per#oring balance c*ecks7 account transactions7 pa/ents7 credit applications and
ot*er banking transactions t*roug* a obile device suc* as a obile p*one or
Personal "igital Assistant P"A6. (*e earliest obile banking services 'ere o##ered
over ,M,. 8it* t*e introduction o# t*e #irst priitive sart p*ones 'it* 8AP support
enabling t*e use o# t*e obile 'eb in 1&&&7 t*e #irst uropean banks started to o##er
obile banking on t*is plat#or to t*eir custoers.
Mobile banking *as until recentl/ 20106 ost o#ten been per#ored via ,M, or
t*e Mobile 8eb. Apple9s initial success 'it* P*one and t*e rapid gro't* o# p*ones
based on :oogle9s Android operating s/ste6 *ave led to increasing use o# special
client progras7 called apps7 do'nloaded to t*e obile device.
Mobile p*one usage *as spread in a ver/ broad anner7 becoing t*e #irst
counications tec*nolog/ to *ave ore users in developing countries t*an in
developed ones. 8it* obile counications alread/ as a prie case #or leap#rogging
traditional in#rastructure7 obile banking MBanking6 *as great potential #or e;tending
t*e provision o# #inancial services to unbanked people t*roug* a tec*nolog/ t*at is bot*
#ailiar and 'idespread.
1.1 Ob!ective"
(*is project is aied at developing obile banking s/ste t*at allo's bank custoer
to use t*eir obile p*one to do banking7 pa/ing Bills etc. (*e objective o# t*is concept
note is to ake t*e case t*at obile pa/ent s/stes erit #urt*er e;ploration #ro
t*e M- as a #irst step to'ards e;tending access to #inancial services to t*e poor and
t*ose living in reote areas.
1.2 Purpose4
-
8/12/2019 COMPLETE m-Banking SRS`1
5/28
(*e ain purpose o# t*is docuent is to s*o' t*e reuireents o# t*e project
#$%ankin. (*e purpose o# So&t'are (e)uire#ents Speci&ication *S(S+ docuent
is to describe t*e bene#its associated 'it* MBanking and increased access to better7
lo' cost #inancial services #or t*e currentl/ unbanked population include4 easier and
sa#er cas* *andling7 allo'ing #or t*e possibilit/ o# investing in asset creation or incoe
generating activities< reduced vulnerabilit/ to cas* #lo' s*ocks< and in general7 stronger
econoies b/ encouraging trade and arkets. t also describes t*e design constraints
t*at are to be considered '*en t*e s/ste is to be designed7 and ot*er #actors
necessar/ to provide a coplete and copre*ensive description o# t*e reuireents
#or t*e so#t'are. (*e ,o#t'are %euireents ,peci#ication ,%,6 captures t*e
coplete so#t'are reuireents #or t*e s/ste7 or a portion o# t*e s/ste.
%euireents described in t*is docuent are derived #ro t*e =ision "ocuent
prepared #or t*e Banking.
1.3 A Mobile Banking Conceptual Model4
n one acadeic odel7 obile banking is de#ined as4
Mobile Banking re#ers to provision and availent o# banking and #inancial services 'it*
t*e *elp o# obile telecounication devices. (*e scope o# o##ered services a/
include #acilities to conduct bank and stock arket transactions7 to adinister accounts
and to access custoi>ed in#oration.
According to t*is odel Mobile Banking can be said to consist o# t*ree interrelated
concepts4
Mobile Accounting
Mobile Brokerage
Mobile -inancial n#oration ,ervices
Most services in t*e categories designated Accountingand Brokerageare transaction
based. (*e nontransactionbased services o# an in#orational nature are *o'ever
essential #or conducting transactions #or instance7 balance inuiries ig*t be needed
-
8/12/2019 COMPLETE m-Banking SRS`1
6/28
be#ore coitting a one/ reittance. (*e accounting and brokerage services are
t*ere#ore o##ered invariabl/ in cobination 'it* in#oration services. n#oration
services7 on t*e ot*er *and7 a/ be o##ered as an independent odule.
1.! "e#initions and Abbreviations4
D%24
"B2 "atabase is t*e database anageent s/ste t*at delivers a #le;ible and cost
e##ective database plat#or to build robust on deand business applications.
ersonal details"
"etails o# custoer suc* as usernae7 copan/7 p*one nuber7 address7 'ebsite7 e
ail address etc.
-I%"
A obile bro'ser7 also called a icro bro'ser7 inibro'ser7 or 'ireless internet
bro'ser 8B67 is a 'eb bro'ser designed #or use on a obile device suc* as a obile
p*one or P"A. Mobile bro'sers are optii>ed so as to displa/ 8eb content ost
e##ectivel/ #or sall screens on portable devices. Mobile bro'ser so#t'are ust be
sall and e##icient to accoodate t*e lo' eor/ capacit/ and lo'band'idt* o#
'ireless *and*eld devices.
/M0"
?/perte;t Markup @anguage is a arkup language used to design static 'eb
pages.
-
8/12/2019 COMPLETE m-Banking SRS`1
7/28
//"
?/per te;t (rans#er Protocol is a transaction oriented clientserver protocol bet'een
'eb bro'ser a 8eb ,erver.
SM"
:lobal ,/ste #or Mobile (elecounications
I$ID"
ntegrated Circuits6 Card denti#ier7 kno'n as t*e ,M card denti#ier
SM"
?ost ,ecurit/ Module.
%S"
Banking ,ervice Plat#or
%MS"
Bank Mediation ,erver
3DES"
(riple "ata ncr/ption ,tandard
/I"
(ransission Control Protocolnternet Protocol7 t*e suite o# counication protocols
used to connect *osts on t*e nternet. (CPP uses several protocols7 t*e t'o ain
ones being (CP and P.
-
8/12/2019 COMPLETE m-Banking SRS`1
8/28
1.5 %e#erences4
,%, -orat.
Proble "e#inition Provided b/ BM6.
DM@ so#t'are #or DM@ diagras.
1. Overvie'4
Mobile %ankin o#ponents"
Mobile Banking is enabled in t*e obile p*one t*roug* a secure applet located in t*e
enduserEs ,M card. ,ecure trans#ers over t*e 'ireless net'ork and #inancial transaction
processing are anaged b/ t*e ,M card and a distributed plat#or7 deplo/ed at t*e obile
operatorEs site and at t*e #inancial institution. (*e plat#or includes t*e #ollo'ing coponents4
t*e Business Mediation ,erver7 t*e Bank ,ecure Plat#or and t*e ?ost ,ecurit/ Module.
Additionall/7 an adaptor a/ be reuired to enable counication over nonstandard
inter#aces to bank s/stes.
-
8/12/2019 COMPLETE m-Banking SRS`1
9/28
%usiness Mediation ServerBM,6 on t*e operatorEs side7 t*e BM, ensures counication
bet'een obile subscribers and #inancial institutions7 and routes obile banking transactions
e;c*anged bet'een t*e ,M card in t*e obile userEs p*one and t*e B,P at t*e userEs bank.
(*e BM,4
%eceives subscribersE obile banking reuests7 interprets t*e7 #orats and #or'ard
t*e reuests to t*e subscribersE bank #or processing.
Maintains t*e status o# t*e reuests.
@ogs transaction results #or auditing and billing purposes.
%eceives t*e bankEs responses and sends t*e to t*e ,M.
Maintains t*e list o# #inancial institutions available on t*at operatorEs services.
-
8/12/2019 COMPLETE m-Banking SRS`1
10/28
%ank Secure lat&or#B,P6 on t*e #inancial institution side7 t*e B,P *andles transactions
bet'een obile users and t*e bankEs s/stes. More speci#icall/7 t*e B,P4
-acilitates counication bet'een bank s/stes and endusers.
?osts response teplates pages6
Aut*enticates obile custoers.
Maintains connectivit/ bet'een t*e 'ireless teleco 'orld and t*e banking
environent.
nsures t*at #inancial transactions and custoer data are secure7 using t*e services o#
t*e ?ost ,ecurit/ Module7 ost Security Module *SM6 (*e ?,M7 a taperproo#
*ard'are coponent7 provides stateo#t*eart cr/ptograp*ic #unctions to t*e B,P.
Dpon receiving a reuest #ro t*e B,P7 it per#ors cr/ptograp*ic operations7
generating transaction ke/s7 encr/pting and decr/pting sensitive in#oration. (*e ?,M
also anages t*e cr/ptograp*ic ke/s used to secure obile #inancial transactions. (*e
?,M is #urt*er en*anced 'it* t*e Mobile ,*ield #ir'are #or secure businesstransactions.(*e Adaptor7 reuired onl/ '*en nonstandard inter#aces to t*e bank
s/stes are used7 is a custoi>able odule t*at translates essages to and #ro t*e
#orat used b/ t*e bankEs backend. (*e Adaptor sealessl/ insulates t*e B,P #ro
t*e speci#ics o# t*e bank s/stesE inter#aces.
,everal operatoro'ned odules also participate in delivering t*e Mobile Banking
#unctionalities4
@inDs Online ,ervice :ate'a/ O,:6 *elps operators to o##er ,M cardbased
services to t*eir subscribers b/ connecting t*e to reote content in a session ode.
n t*e conte;t o# obile banking7 O,: rela/s obile banking essages bet'een t*e
obile p*one and t*e BM, and translates t*e #ro ,M, to ?((P #orat.
-
8/12/2019 COMPLETE m-Banking SRS`1
11/28
@inDs Over(*eAir O(A6 Manager is an optional coponent t*at o##ers operators
t*e convenience o# reotel/ provisioning and anaging ,M cards.
A ,*ort Message ,ervice Center ,M,C67 a standard :,M net'ork eleent7 delivers
,M, essages.
1.4 /ools to be used"
D%2 5 "atabase
E0ISE 5 "evelopent (ool
(6/ION60 (OSE 5 "esign (ool
-6S 58eb ,erver
72EE 5Application Arc*itecture
72ME 5 Mobile Application Arc*itecture
1.8 /ec9noloies to be used"
72ME"
-
8/12/2019 COMPLETE m-Banking SRS`1
12/28
F2M stands #or Fava 27 Micro dition. t is a strippeddo'n version o# Fava targeted at
devices '*ic* *ave liited processing po'er and storage capabilities and interittent
or #airl/ lo'band'idt* net'ork connections. (*ese include obile p*ones7 pagers7
'ireless devices and settop bo;es aong ot*ers.
-E% 2.:"
(*e ter -eb 2.:is associated 'it* 'eb applications t*at #acilitate participator/
in#oration s*aring7 interoperabilit/7 usercentered design7 and collaboration on t*e
8orld 8ide 8eb. ;aples o# 8eb 2.0 include social net'orking sites7 blogs7 'ikis7
video s*aring sites7 *osted services and 'eb applications
XM0"
E;tensible Markup 0anuaeXM06 is a arkup language t*at de#ines a set o#
rules #or encoding docuents in a #orat t*at is bot* *uanreadable and ac*ine
readable. t is de#ined in t*e GM@ 1.0 ,peci#ication produced b/ t*e 83C7 and several
ot*er related speci#ications7 all gratis open standards.
72EE"
7ava 2 Enterprise Edition is a prograing plat#or part o# t*e Fava Plat#or #or
developing and running distributed ultitier arc*itecture Fava applications7 based
largel/ on odular so#t'are coponents running on an application server.
-
8/12/2019 COMPLETE m-Banking SRS`1
13/28
2.(*e Overall "escription4
2.1 Product Perspective4
Mobile Banking o##er is a coplete #inancial services solution #or obile operators and
#inancial institutions. t includes a secure ,M applet and a distributed transactional plat#or
t*at provide secure access #ro a obile p*one to obile banking7 obile pa/ent and
obile one/ trans#er services.(*e ,ecure Applet is preinstalled on t*e ,M card7 readil/
available to t*e enduser. (*is applet *andles4
"ispla/ing appropriate enus processing user responses.
,ending and receiving transaction essages.
ncr/pting and decr/pting sensitive in#oration.
Managing transaction securit/ and con#identialit/.
-
8/12/2019 COMPLETE m-Banking SRS`1
14/28
Dsing Banking ,o#t'are t*e e##ectiveness o# Bank7 bank eplo/ees and Banking
so#t'are users can be developed. (*e Banking so#t'are provides no. o# 'a/s #or being
connecting to t*e Bank. (*ese 'a/s includes "eposit7 'it*dra'7 pa/ents o# bills7 balance
c*ecking and obile rec*arge t*roug* t*e use o# obile p*ones.
(*e coplete overvie' o# t*e s/ste is as s*o'n in t*e overvie' diagra belo'4
-
8/12/2019 COMPLETE m-Banking SRS`1
15/28
(*e 'eb pages G?(M@F,P6 are present to provide t*e user inter#ace on user side.Counication bet'een client and server is provided t*roug* ?((P?((P, protocols.
(*e client ,o#t'are is to provide t*e user inter#ace on s/ste user client side and #ort*is (CPP protocols are used.
On t*e server side 'eb server is #or FB and database server is #or storing t*ein#oration.
2.2 +et'ork Con#iguration 4
-
8/12/2019 COMPLETE m-Banking SRS`1
16/28
Mobile Banking7 an operator can provide t*e service to subscribers t*at *ave bankaccounts 'it* di##erent #inancial institutions. A bank can also c*oose to 'ork 'it* severaloperators7 to provide obile banking services to its custoers7 independentl/ o# t*eir obileservice provider. t is also possible #or several banks 'it* lig*t obile banking tra##ic to s*are a%ank Secure lat&or#.
(*e ,M card sends Mobile Banking reuests using ,M, ,H( protocol6 essages.
O,: translates t*ese essages into ?((P reuests be#ore sending t*e to
t*e %MSBusiness Mediation ,erver6.
(*e %MSBank ,ecure Plat#or6 #or'ards t*e ?((P reuests to t*e B,P o#
t*e selected bank.
(*e B,P interacts 'it* t*e ?,M #or t*e cr/ptograp*ic operations.
(*e B,P counicates 'it* t*e bankEs s/stes7 possibl/ t*roug* an adaptor7
using a series o# 'eb services.
-
8/12/2019 COMPLETE m-Banking SRS`1
17/28
(*e bank s/ste or adaptor6 responds.
B,P cip*ers t*e necessar/ in#oration using t*e ?,M6 be#ore proceeding.
(*e B,P #or'ards and #orats t*e response and t*en sends it to t*e BM,
(*e BM, sends t*e response to t*e O,:.
O,: copiles t*e response and sends it to t*e ,M using t*e ,M, c*annel.
2.3 ,o#t'are #eatures4
8it* Mobile Banking obile users can per#or t*e #ollo'ing banking
operations4
,ubscribe to t*e obile banking service at t*eir #inancial institution7
and cancel t*eir subscription at an/ tie.
Add or reove a bank account #ro a list o# available accounts
anaged t*roug* obile banking.
,iulate transactions in order to tr/ t*e s/ste.
=eri#/ t*e balance o# t*eir bank accounts.
=ie' t*e ost recent transactions on t*eir bank accounts.
accounts anaged t*roug* obile banking.
-
8/12/2019 COMPLETE m-Banking SRS`1
18/28
Appl/ #or and pa/ o## a credit line.
C*eck t*e aount o# credit available on t*eir credit cards.
Obtain cas* advances on t*eir credit cards.
C*eck t*e balance o# t*eir credit card accounts.
Pa/ t*eir credit card accounts.
%ec*arge t*eir prepaid obile accounts.
Pa/ utilit/ bills7 suc* as electricit/7 nternet and obile subscriptions7 or an/
ot*er bill t*at can be registered 'it* t*e #inancial institution.
Pa/ ot*er services t*roug* re#erence nubers #ound on t*e bills.
-
8/12/2019 COMPLETE m-Banking SRS`1
19/28
2.! ,ervice Overvie'4
Mobile Banking provides obile users 'it* eas/ and secure access to #inancial operations
#ro t*eir obile p*ones 2! *ours a da/7 $ da/s a 'eek. 8*et*er t*e/ need to pa/ a bill '*ile
a'a/ #ro *oe7 to c*eck t*eir account balance at t*e superarket7 to trans#er #unds on t*e
'a/ to t*e airport7 to rec*arge t*eir prepaid
obile subscription account be#ore going to t*e beac* or to obtain credit online #or t*at ne'
(=7 obile users can pick up t*e p*one and carr/ out t*e desired transaction b/ *itting a #e'
ke/s. (*e/ sipl/ need to bro'se user#riendl/ enus and respond
to service propts. (*e in#oration t*e/ need to enter *as been scaled do'n to a iniu7 in
order to sipli#/ t*e use o# t*e application. (*is in#oration ainl/ consists o# t*eir P+ and
t*e aount o# one/ involved in t*e transaction. A essage suari>ing t*e userEs reuest is
t*en sent to t*e selected #inancial institution7 '*ere t*e reuest is processed. (*e result is
displa/ed on t*e userEs obile screen 'it*in
seconds.
2.5 Bene#its4
Mobile p*one operators and #inancial institutions 'ill bene#it #ro using Mobile Banking to o##er
obile #inancial services to t*eir custoers7 '*et*er t*e/ operate in saturated arkets '*ere
copetition is tig*t and service di##erentiation is ke/ to attracting and retaining custoers7 or in
reote areas in need o# coste##ective #inancial services.
%ene&its &or Mobile Operators
8it* Mobile Banking7 operators can e;pand t*eir services port#olio7 proote t*eir brands and
create strategic arketing di##erentiation attracting ne' custoers.
,ubscribers '*o use obile #inancial services begin to rel/ on t*e7 aking t*e a
-
8/12/2019 COMPLETE m-Banking SRS`1
20/28
di##erentiating #actor #or t*e operator. As a result7 Mobile Banking strengt*ens custoer lo/alt/
and reduces c*urn and attrition rates. Mobile Banking increases operator revenue b/ boosting
tra##ic and providing subscribers 'it* instant access to airtie purc*ase4 'it* #inancial services
at t*eir #ingertips7 obile users 'ill rec*arge t*eir prepaid accounts ore readil/ and use t*eir
obile p*ones to pa/ bills or c*eck t*eir account balance. (*anks to t*e ubiuit/ and *ig*
penetration o# t*e obile device7 obile operators are uniuel/ positioned to pla/ an iportant
role in t*e e;panding obile one/ trans#er and obile pa/ents arkets.
%ene&its &or =inancial Institutions
Mobile Banking allo's #inancial institutions to en*ance custoer satis#action and retention b/
o##ering ne'7 better services '*ile gaining a direct arketing c*annel #or t*eir products and
services7 '*ic* can be tailored to t*e speci#ic needs o# custoers. At t*e sae tie7 t*e/
attract ne' custoers to t*e one$on$ one bank$custo#er relations9ip. As access to obile
p*ones gro's 'orld'ide7 so does t*e opportunit/ to attract ore custoers and e;tend t*e
reac* o# #inancial services. B/ turning obile p*ones into t*eir bankEs A(Ms7 #inancial
institutions gain access to ne' arkets7 di##erent #ro t*ose traditionall/ served b/ t*eir
p*/sical branc*es. Access to banking services at an/tie and #ro an/'*ere also generates
revenue t*roug* *ig*er service usage7 and reduces operating e;penses because o# #e'er
direct teller interactions7 '*ile aintaining or iproving t*e level o# service. -inancial
institutions gain anot*er iportant bene#it b/ adding Mobile Banking to t*eir e;isting c*annels.
(*e/ 'ill be 'it* t*eir custoers at all ties7 read/ to *elp t*e7 to rec*arge a prepaid obile
p*one
on a ,aturda/ nig*t7 to get a ne' MP3 pla/er via online credit #unds7 to pa/ a #orgotten bill
a#ter leaving #or a vacation7 t*e bank is ever/'*ere7 all t*e tie.
%ene&its &or t9e End
-
8/12/2019 COMPLETE m-Banking SRS`1
21/28
s readil/ available
s lo' cost no data connection6 itEs resides on t*e ,M7 t*e bro'sing is local.
s device independent7 supported on A@@ p*ones #ro lo' to *ig*end
2. nter#aces and Protocols4
Mobile Banking coponents use standard protocols and inter#aces to e;c*ange in#oration
and to counicate 'it* ot*er net'ork eleents and bank s/stes7 t*us #acilitating t*e
integration o# Mobile Banking into t*e e;isting in#rastructure. A *ig*level vie' o# t*e protocols
used to e;c*ange essages bet'een di##erent obile banking operator and bank coponents
to process a reuest '*ic* is as #ollo's4
(*e ,M card sends Mobile Banking reuests using ,M, ,H( protocol6 essages.
O,: translates t*ese essages into ?((P reuests be#ore sending t*e to t*e BM,.
(*e BM, #or'ards t*e ?((P reuests to t*e B,P o# t*e selected bank.
(*e B,P interacts 'it* t*e ?,M #or t*e cr/ptograp*ic operations.
(*e B,P counicates 'it* t*e bankEs s/stes7 possibl/ t*roug* an adaptor7 using
a series o# 'eb services.
(*e bank s/ste or adaptor6 responds.
B,P cip*ers t*e necessar/ in#oration using t*e ?,M6 be#ore proceeding.
-
8/12/2019 COMPLETE m-Banking SRS`1
22/28
(*e B,P #or'ards and #orats t*e response and t*en sends it to t*e BM,.
(*e BM, sends t*e response to t*e O,:.
O,: copiles t*e response and sends it to t*e ,M using t*e ,M, c*annel.
3. ,ecurit/7 operation and Maintenance4
3.1 Scalability
Mobile Banking is scalable t*roug* *ard'are clustering. (o increase t*roug*put7 bot* BM,
and B,P can independentl/6 be installed in clusters 'it* a clustering engine distributing t*e
tra##ic aong several servers.
3.2 End$to$end Security
,ince obile banking transactions can be initiated #ro alost an/'*ere and transaction
details are transitted over unprotected net'orks7 securit/ poses t*e biggest c*allenge in
developing a success#ul solution and is likel/ to be a akeitorbreakit #actor #or obile
banking. 8e takes securit/ issues and concerns seriousl/. As longtie leader in digital
securit/7 'e uses t*e stateo#t*eart securit/ tec*nolog/ to secure obile applications. (*e
Mobile Banking solution addresses t*e reuireents o# data con#identialit/7 strong user
aut*entication7 data integrit/ as 'ell as nonrepudiation7 and con#ors to relevant standards
suc* as PC ",,6 establis*ed b/ #inancial organi>ations and governent bodies to prevent
#raud and ot*er securit/
t*reats.
3.3 ,ecurit/ and Con#identialit/ o# n#oration4
(*e Mobile Banking solution provides endtoend securit/ and con#identialit/ o# data b/
-
8/12/2019 COMPLETE m-Banking SRS`1
23/28
cip*ering in#oration in t*e ,M #or secure trans#er over t*e obile p*one7 t*e :,M net'ork7
t*e operatorEs in#rastructure and t*e connection to t*e #inancial institution. (*e in#oration
entered b/ t*e user is collected and encr/pted b/ t*e applet residing in t*e taperproo# ,M
card.
-or t*e *ig*est level o# securit/7 sensitive data7 suc* as P+ and transaction details are never
stored in t*e ,M card or t*e plat#or. All custoer and #inancial in#oration is kept e;clusivel/
at t*e bank7 '*ic* also *as t*e sole control over t*e cr/ptograp*ic ke/s used to secure
#inancial transactions.
3.! ,trong 2-actor Aut*entication4
Bank custoers ust be sure t*at no one can ake transactions on t*eir
be*al#7 and banks ust be able to veri#/ t*at custoers are indeed '*o
t*e/ clai to be. 8e respond to t*is reuireent 'it* strong t'o #actor
aut*entication.
-it9 Mobile %ankin"
Dsers are reuired to identi#/ t*eselves to t*e bank 'it* a Mobile Banking P+ t*at protects
-
8/12/2019 COMPLETE m-Banking SRS`1
24/28
access to #inancial in#oration and transactions. ,ecret ke/s onl/ kno'n to t*e ,M card and
t*e bank are used to encr/pt and sign transaction data7 #urt*er proving t*e identit/ o# t*e user.
3.> Data Interity
,ince data is digitall/ signed7 an/ attept to anipulate it 'ill be detected because t*e
signature 'ill no longer correspond to t*e signed essage.
3.? Non$repudiation
n t*e conte;t o# obile banking7 nonrepudiation re#ers to aut*enticating t*e custoer and t*e
#inancial institution participating in a #inancial transaction 'it* *ig* degree o# certaint/ so t*at
t*e parties cannot later den/ *aving per#ored t*e transaction. (o ensure nonrepudiation7 a
proo# ust be generated to s*o' t*at t*e transaction 'as per#ored b/ t*at part/. Mobile
Banking addresses t*is reuireent t*roug* t*e use o#4
A user P+ kno'n onl/ to t*e user and protected b/ encr/ption
A transaction con#iration code sent b/ t*e bank
A transaction log t*at records t*e details o# ever/ transaction.
3.4 ryptorap9ic Operations
All sensitive data is encr/pted 'it* double lengt* 3", 12)bit6 ke/s. n addition7 transactional
securit/ standards suc* as "erived Dniue Ie/ per (ransaction "DIP(67 s*ortlived
-
8/12/2019 COMPLETE m-Banking SRS`1
25/28
transactional conte;ts and ke/ roles are used #or added protection o# #inancial transactions.
(*e cr/ptograp*ic #unctions7 including ke/ anageent7 are per#ored using t*e ost #raud
resistant *ard'are solution7 '*ic* personali>es t*e ?,M #or Mobile Banking. (*e selected
?,M7 (*ales ?,M )0007 is certi#ied as copl/ing 'it* t*e ost stringent securit/ standard4
-P, 1!02 @evel 3.
3.) (ransaction #lo'4
A obile banking transaction is initiated b/ t*e obile user and is copleted '*en t*e result is
displa/ed on t*e userEs p*one. (*e #ollo'ing e;aple s*o's t*e counication #lo' #or anaccount balance reuest.
A custoer bro'ses Mobile Banking pages on t*e obile p*one and reuests an
account balance #ro t*e bank b/ selecting t*e account and entering t*e P+ to
con#ir t*e transaction.
(*e reuest is encr/pted and signed in t*e ,M and sent to t*e BM, via t*e obile
operatorEs net'ork t*roug* t*e ,M,C and t*e ,H( :ate'a/.
(*e BM, counicates 'it* t*e B,P at t*e bank.
(*e B,P decr/pts in#oration related to t*e transaction t*e account67 translates t*e
P+7 translates t*e reuest and sends it to t*e bank s/ste #or processing.
8*en t*e B,P obtains t*e reuested in#oration it sends t*e response back to t*e
BM,.
(*e BM, sends t*e response to t*e ,H( gate'a/ '*ic* #orats and #or'ards it to t*e
,M card in t*e obile p*one.
-
8/12/2019 COMPLETE m-Banking SRS`1
26/28
(*e response is decr/pted in t*e ,M card and presented to t*e user.
(*e obile user sees t*e result o# *er or *is reuest on t*e p*one displa/.
3.@ Operatin Syste# (e)uire#ents
(*e Mobile Banking plat#or so#t'are runs on standard D+G or @inu; servers #reeing t*e
operator and t*e #inancial institution #ro t*e *ig* cost o# purc*asing and aintaining
proprietar/ operating s/stes. t can also be used on Microso#t 8indo's $GP7 Opera7 Mo>illa
-ire#o; and :oogle c*roe.
-
8/12/2019 COMPLETE m-Banking SRS`1
27/28
3.10Operation and Maintenance4
(*e Mobile Banking plat#or reuires inial aintenance7 ostl/ consisting o# veri#/ings/ste logs regularl/. (*e aintenance o# t*e plat#or servers7 t*e %"BM, and t*e ?,M is
as speci#ied b/ t*e anu#acturers o# t*ose products.
Mobile 6ccount Manae#ent
(*e standard version o# Mobile Banking does not include an/ obile account anageent or
billing #unctionalit/7 since di##erent operators and banks use di##erent account anageent
et*ods and7 o#ten7 proprietar/ bill ing s/stes. Mobile Banking does *o'ever allo' t*e
operator to con#igure t*e BM, 'it* (P"A codes #or billable and
nonbillable ,M, essages. Additionall/7 'e can develop custo obile account
anageent #unctionalities tailored to t*e needs o# #inancial institutions or operators.
Storae o&
-
8/12/2019 COMPLETE m-Banking SRS`1
28/28