Recently, mobile banking services have suffered from various security threats. In
particular, critical damages can be caused by advanced attacks based on memory hacking
such as man-in-the-browser (MITB) attack. To address such attacks, transaction sig...
Recently, mobile banking services have suffered from various security threats. In
particular, critical damages can be caused by advanced attacks based on memory hacking
such as man-in-the-browser (MITB) attack. To address such attacks, transaction signing
has been rigorously researched, dominant approach, for which is based on one time
password(OTP). But, the existing OTP approaches are limited to satisfy both security and
convenience. Motivated by this, we proposes a novel transaction signing security scheme
based on wearable OTP device, whose security is then formally verified through the
AVISPA tool.