A Hybrid Authentication Mechanism for Preventing Phishing Attacks on E-banking Systems: The Nigeria Case Study

This paper presents multifactor authentication method for securing access to e-banking systems in Nigeria using fingerprint recognition and SiteKey authentication. Fingerprint authentication is based on the notion of fingerprint individuality; the idea that fingerprint image of an individual is unique and can be used to uniquely identify him/her. SiteKey authentication on the other hand, uses a unique image chosen by customers to help banks recognise their genuine customers and to help customers recognise the genuine website of their bank through its authentication process. Verifying e-banking systems users’ identity claims by combining these two authentication methods will be a promising solution to the problems of phishing attacks and identity theft facing e-banking systems implementation in Nigeria. Phishing attack and identity theft are the major threats to the success of the newly introduced cashless economy policy in Nigeria. Traditional password-based authentication used in the past seems insufficient hence the need for improved authentication methods. This paper contributes to the state-of-art knowledge of fingerprint recognition and SiteKey authentication by improving the understanding of the technologies and by demonstrating how the technologies can be used in e-banking environment. Keywords— e-banking systems, phishing attacks, authentication systems, sitekey authentication, biometrics.