Case Study Definitions

E-Banking Case Study Definitions

Term: Definition

Apps: A self-contained program or piece of software designed to fulfill a particular purpose; an application.

Asymmetric / symmetric encryption: Symmetric encryption is a type of encryption where the same key is used to encrypt and decrypt the message. Asymmetric (or public-key) encryption uses one key to encrypt a message and another to decrypt the message.

Authentication / 2-factor / multi-factor authentication: Authentication is any process by which a system verifies the identity of a user who wishes to access it. 2-factor: something the user has to verify his/her identity.

Backdoor methods: A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication and securing unauthorized remote access to a computer, while attempting to remain undetected.

Brute-force decryption: A method of breaking a cipher (that is, to decrypt a specific encrypted text) by trying every possible key.

Contactless technology: Contactless technology is a term often used to describe a set of technologies originally developed to help identify objects.

Device Description Repository (DDR): DDR will be able to make use of repositories to adapt their content to best suit the requesting device. This will facilitate the interaction and viewing of Web pages across devices with widely varying capabilities.

Extended validation digital certificate: As the highest class of SSL available, Extended Validation SSL Certificates (EV SSL) activate both the padlock and the green address bar in all major browsers. EV SSL Certificates provide the strongest encryption level available and enable the organization behind a website to present its own verified identity to website visitors.

Global System for Mobile communication (GSM): A standard developed by the European Telecommunications Standards Institute (ETSI) to describe protocols for second generation (2G) digital cellular networks used by mobile phones.

HTTP(S): HTTP is the foundation of data communication for the World Wide Web. HTTPS is the use of Secure Socket Layer or Transport Layer Security as a sublayer under regular HTTP application layering. HTTPS encrypts and decrypts user page requests as well as the pages that are returned by the Web server.

Man-in-the-Browser (MitB) Trojan: Man-in-the-browser, a form of Internet threat related to man-in-the-middle (MITM), is a proxy Trojan horse that infects a web browser by taking advantage of vulnerabilities in browser security to modify web pages, modify transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and host web application.

Mobile Wallet: The mobile wallet refers to a mobile technology that is used similarly to a real wallet. The Mobile Wallet provides a convenient solution for any business looking to allow customers to purchase their products online with greater ease, therefore driving sales.

M-PESA: MPESA is a mobile phone based money transfer and micro financing service, and is the largest mobile network operators in Kenya and Tanzania. MPESA allows users with a national ID card or passport to deposit, withdraw, and transfer money easily with a mobile device.

NFC: Near Field Communication is a short-range wireless connectivity standard that uses magnetic field induction to enable communication between devices when they're touched together, or brought within a few centimeters of each other.

One-time password: A one-time password is a password that is valid for only one login session or transaction.

Out-of-band verification: Out-of-band authentication is the use of two separate networks working simultaneously to authenticate a user.

Phishing: The activity of defrauding an online account holder of financial information by posing as a legitimate company.

Pingit: Barclays Pingit is a system for the mobile transfer of money in the United Kingdom.

Push / Pull technology: Push describes a style of Internet-based communication where the request for a given transaction is initiated by the publisher or central server. Pull technology is where the request for the transmission of information is initiated by the receiver or client.

QR codes: A machine-readable code consisting of an array of black and white squares, typically used for storing URLs or other information for reading by the camera on a smartphone.

SMS: Short Message Service is a text messaging service component of phone, Web, or mobile communication systems. It uses standardized communications protocols to allow fixed line or mobile phone devices to exchange short text messages.

SSL/TLS: Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communication security over the Internet.

STK (SIM Application Toolkit): SIM Application Toolkit (commonly referred to as STK) is a standard of the GSM system which enables the Subscriber Identity Module (SIM) to initiate actions which can be used for various value-added services.

Transaction authentication number (TAN): A transaction authentication number (TAN) is used by some online banking services as a form of single-use one-time passwords to authorize financial transactions. TANs are a second layer of security above and beyond the traditional single-password authentication.

Trojan: A Trojan is a generally non-self-replicating type of malware program containing malicious code that, when executed, carries out actions determined by the nature of the Trojan, typically causing loss or theft of data, and possible system harm.

User agent header field: In computing, a user agent is software that is acting on behalf of a user. In many cases, a user agent acts as a client in a network protocol used in communications within a client-server distributed computing system. In particular, the Hypertext Transfer Protocol identifies the client software originating the request, using a "User-Agent" header, even when the client is not operated by a user.

WEP: Wired Equivalent Privacy is a security protocol that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usually expected of a wired LAN.

WPA: Wi-Fi Protected Access (WPA) is a security standard for users of computers equipped with Wi-Fi wireless connection. It is an improvement on and is expected to replace the original Wi-Fi security standard, Wired Equivalent Privacy (WEP).

Zapp: Zero Assignment Parallel Processor. A virtual tree machine architecture in which a process tree is dynamically mapped onto a fixed, strongly connected network of processors communicating by message passing.

List out the benefits of mobile banking.

List out the functions of banks and their transaction practices.

Analyze and briefly explain how banks protect their data.

How do encryption and decryption protect data?

Analyze the different security issues that take place in the banking sector.

List out some online frauds.

Why is TAN important? What role does it play?

What are the different protocols that are used for mobile banking?

How do digital certificates prevent fake documents?

What is brute force? How does the brute-force decryption method work?

How are apps used for mobile banking?

Explain in detail how the mobile payment services Pingit and Zapp work.