Abstract- QR codes. This scheme uses EVC for share

 

Abstract- This
system approaches a new scheme for online fraud transaction prevention using
extended visual cryptography(EVC) and QR codes. This scheme uses EVC for share
generation. One time password is used for phishing website detection. Extended
visual cryptography is used for converting the QR code into two shares. The
system provides security for online users and detecting the phishing websites.
By using this technique, we can verify the shares are genuine or not. It
provides better security in preventing phishing attack compared to visual
cryptography.

In
proposed system user first registered on the website. Client sends verification
request to merchant server and the merchant server sends ID and password to
bank server for verification. If it is valid then generate One Time Password
(OTP) and apply EVC for shares generation. Bank server sends one share to the
client and one share to the server.Then merchant server sends this share to the
client. At the time of reconstruction, two shares are combined to reveal the
original OTP. Then client sends this OTP to bank server for verification.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

 

 

Keywords-OTP,
Phishing, QR code, Extended visual cryptography.

I.INTRODUCTION

In this Scenario Phishing is the
common attack that takes place. Phishing  is
the attempt to obtain sensitive information such as username ,password and
credit card details often by malicious reason by distinguishing the trustworthy
entity in electronic communication. Phishing is typically carried out by mail
spoofing and instant messaging.

In this paper,
we proposed a new scheme for providing security during an online transaction
for online frauds detection using Extended Visual Cryptography (EVC) and QR
code. By using this technique, we provide better security to people. In
proposed system user first registered on the website. Client sends verification
request to merchant server and the merchant server sends ID and password to
bank server for verification. If it is valid then generate One Time Password
(OTP) and apply EVC for shares generation. Bank server sends one share to the
client , client can download the image only after entering an  OTP that is send to the corresponding Mobile
Device. and one share to the server. Then merchant server sends this share to
the client. At the time of reconstruction, two shares are combined to reveal
the original OTP. Then client sends this OTP to bank server for verification.

 

II.METHODOLOGY

 Now a day an
onIine transaction has become very common. There are various attacks present
during the online transaction. Phishing is a very common attack. We propose a
new  scheme using EVC and QR code

1. System user
does registration process first. The user first enters username and password.

2. User sends
this username and password to the merchant server.

 3. Merchant server sends this username,
password to bank server with server ID/password.

 4. Bank server checks this user data into bank
database and verifies the user.

 5. If verification succeeds then bank server
generates one OTP.

 6. Convert OTP into QR code.

 7. Apply visual cryptography on QR code and
generate share 1 and share 2.

 8. Load cover image and embed share _1 into a
cover image using steganography.

 9. Bank server sends stego image to merchant
server

 10. Share 2 via email to the client and it can
be accessed only if the client enters an OTP that is send to clients mobile.

 11. Merchant server sends stego image to the
client.

 12. Client applies de-steganography on
merchant server and gets share _1 from the cover image.

 l 3. User downloads share 2 from mail.

14. Superimpose
share _1 and share _2 and get QR code.

15. After
getting QR code user scan this QR code and get OTP as output.

 16. User enters the OTP and send to server for
verification. By using this technique verify merchant server is genuine or not.

Proposed system
is shown in Fig.2. In this system the user registration is done first. User
sends request to merchant server and merchant server sends ID and password to
bank server for verification. If it is valid then generate OTP and apply EVC
for shares generation. Bank server sends one share to the client and one share
to the server. The merchant server sends this share to the client. At the time
of reconstruction, two shares are combined to reveal the original OTP. Then,
user sends this OTP to bank server for verification.

 

III.CONCLUSION

This paper
proposes a method for Online Fraud Transaction prevention using extended visual
cryptography and QR code techniques. Using extended visual cryptography we can
verify the shares are genuine or not. Therefore, it provides better security in
preventing phishing attack compared to visual cryptography.

 

 

 

 

 

 

 

IV.REFERENCE

1 A. Alnajim
and M. Munro, “An anti-phishing approach that uses training intervention
for Phishing websites detection,” in Proceedings of the 2009 Sixth
International Conference on Information Technology: New Generations.
Washington, DC, USA: IEEE Computer Society, 2009, pp. 405-410.

2 D. R.
Anekar, Binay Rana, Vishal Jhangiani,” Online Banking Security System
Using OTP Encoded in QR-Code “, 2015, IJARCSSE.

3 Souvik Roy
and P. Venkateswaran, “Online Payment System using Steganography and
Visual Cryptography,” 2014 IEEE Students’ Conference on Electrical,
Electronics and Computer Science.

4 Souvik Roy
and P. Venkateswaran, “Online Payment System using Steganography and
Visual Cryptography,” 2014 IEEE Students’ Conference on Electrical,
Electronics and Computer Science.