Know your customer (KYC) based authentication method for financial services through the internet

Abstract

Financial services through the internet are running under various threats like phishing, pharming (cyber attack intended to redirect a website's traffic to another fake site), malware, and evolving sophistication of compromise techniques. Multi-factor authentication (MFA) financial service system alleviates the risk and makes it secure. Various methods of MFA run in troubles like the authentication device lost or stolen, false sense of security (if used on login device), compromised answer of the generic question, higher implementation costs, unambiguous movement profile, calculated hash value stolen (there is no chance to replace it), etc. Compliance with Anti-Money Laundering (AML), Know Your Customer (KYC) and sanction requirements continue to be a key focus area for Financial Institutions' (FIs) management; firms must ensure that they are following appropriate compliance procedures to meet the increasing regulatory demands [1,2]. By addressing existing limitation of MFA, this paper proposes dynamic KYC based MFA authentication method to ensure the secured access of the financial services through the internet. Analysis and simulation results show that the proposed method provides control same as existing MFA/2FA techniques, but customers will get relief from holding additional security devices that incur huge cost.