Indian Journal of Science and Technology

Abstract

Background: Online bank transactions are widely carried out through the mobiles and PDAs there by reducing much time and energy involved for any bank operation. All m-banking transactions are carried out through SMS communications between user mobile and bank server through wireless media exposed to lot of malware vulnerabilities. The problem of securing SMS using text steganography, within limited length 70/160 characters is investigated in this paper. One of the main objectives ofthis paper is selection of a text steganography technique for protecting the OTP SMS from the bank server to user mobile. Methods: In this paper a novel technique of hiding secret six-digit OTP under an innocent looking cover text is proposed. The property of the similarity of glyphs of Unicode characters is combined with frequency of occurrence of English letters is used to hide OTP. The similarities of glyphs provide invisibility and letter frequency improves the overall hiding ratio. Result: This method will help to secure OTP SMS generated by the bank server from malware Trojans along the communication channel and also hide the very presence of the secret information within the SMS. By analysing the result, there is no change in the way the cover text appears after embedding OTP. The extraction of the secret bits is also done effectively. In conclusion, this method will efficiently hide the secret bits and provides a medium level of security. It can be used to a maximum of 10-12 digits of OTP. Due to the limited size of 70 Unicode characters per SMS, the payload capacity gets affected if more.
Keywords: Letter Frequency, M-Banking, OTP SMS, Text Steganography, Unicode Glyphs