Secure Web Financial Transaction Methods and Smart Authentication with a Focus on Mobile Devices

In the preceding few years, new form of security threats has appeared to alter the confidential data between the user and the navigation program’s security mechanism. Man-In-The-Browser (“MITB”) and Man-In-The-Middle (“MITM”) are new form of Internet intimidations, typically a Trojan horse program; interpolate itself between the user and the navigation program like Internet Explorer or Firefox. They take over user access to the bank’s web site despite of the sound and emphatic authentication method. In the current scenario of security threats extra up-to-the-minute protections are required to avoid security breach of financial data transaction on web. These attacks emphasize the need for financial organizations to securely authenticate users and ensure the integrity of web transactions in the face of a growing threat environment. In this paper we analyze the Man In the Browser and Man In the Middle attacks and propose a solution based upon Digitally signing a transaction and using the mobile phones as a software token for Digital Signature code generation which pioneers an avenue of carrying out secure authentication from a mobile device to verify an authentic user to carry out financial transactions in a secure way on the WWW.