Secure Branchless Banking
A paper by Ashlesh Sharma, Lakshminarayana Subramanian and Dennis Shasha
A presentation by N. Venkatesh
The Problem
• Low banking access in rural areas due to:
  • Large distances
  • Sparse population
  • Poor transport
• Most transactions of low value
• High cost of delivery
• Low financial security – need to store cash and take credit from alternative private sources
• Alternative channels are unscrupulous and prove to be debt traps
Two Great Movies One Common Theme: the unscrupulous money lender!!
Financial Exclusion in India
• Farmer households – 90 million, of which 51.4% don’t have access to any credit
• Only 27% get credit from formal sources
• Among those with income <Rs. 50K p.a. only 15% avail loans
• Only 40% of all Indian households have bank accounts
• Bank to customer ratio: 1:16000
• RBI is encouraging banks to open branches in unbanked areas
Barriers to Financial Inclusion
• Legal identity proof – voter ID, PAN cards, BPL cards etc. difficult to obtain
• Limited literacy + awareness
• Low income
• Terms and conditions set by banks
• Complicated processes
• Psychological & cultural barriers
Measures for Inclusion
• Could be regulatory / voluntary
• UK – Financial Inclusion Task Force – provides for no-frills banking, credit and money advice
• US – Community Reinvestment Act (CRA) – prohibits discrimination against small account holders (min bal = $0.10)
• India – Khan Commission (2004), extending banking network through business correspondents (i.e. agents appointed by banks)
Branchless Banking Solutions
• Bank network can be enlarged through agents
• Consumers prefer ease of use over rich functionality – ‘no-frills banking’
• Increasing (albeit slowly) mobile phone penetration in rural India
• UID implementation is a rich source for KYC
• Security is a key requirement of any solution
• Farmer-Shopkeeper-Bank (FSB) protocol to provide for secure deposits & withdrawals
A Simple Rural Banking Scenario
• Bank assigns a shopkeeper in the village as its agent – acts as gateway for financial transactions
• Farmer needs to open an account in the Bank by visiting it once; deposits & withdrawals are done remotely using the shopkeeper & a mobile phone
• Farmer goes to the shopkeeper for withdrawals & deposits. Money transfers etc. can be built on this model
• Transaction can be carried out on the shopkeeper’s or the farmer’s mobile, but the SHOPKEEPER DIALS
Security Protocol Requirements
• Transactions at the bank are the same as the ones that shopkeeper & farmer agree as having taken place
• Should prevent cheating by shopkeeper, farmer or third party
• Should allow people who cannot read any text except numbers to securely transact
• Intuitive and verifiable
• Scale to support a large user set at low cost
Shopkeeper Registration
• Registers as agent with bank, gets name and unique number
• Bank records shopkeeper’s voice-print – unique number and name
• Bank gives random number sequence Ns = Ns1, Ns2, …, Nsn to shopkeeper
• Ns is a secret between Bank and shopkeeper
• Contained in a scratch-card based check book used by shopkeeper to reveal Nsj after every transaction
• Check book has a carbon copy to be retained by shopkeeper after every transaction
Farmer Registration
• Opens account with bank, gets name and unique number
• Bank records farmer’s voice-print – unique number and name
• Bank gives three random number sequences or nonces X = X1, X2, …, Xn; Y = Y1, Y2, …, Yn; Z = Z1, Z2, …, Zn to farmer
• Numbers are secret between Bank and farmer
• Contained in scratch cards
• When farmer needs Xi, Yi or Zi he will scratch a card to reveal them
• ASSUMPTION: shopkeeper & farmer can keep secrets!
• If numbers are stolen, the voice-print provides a defence but is subject to dispute resolution
How Farmer Withdraws Money
• Farmer gives Xi to shopkeeper
• Shopkeeper dials bank, enters Xi, farmer id, his own id and his Nsj
• Bank checks nonces and ids and returns Yi as a voice response for the farmer to verify. If it does not match, the shopkeeper may not have dialled the bank. If the shopkeeper dials a stale Xi, the bank terminates the transaction
• Farmer enters amount and Zi; this adds a protection layer if the shopkeeper dials an accomplice to steal Xi
• Bank gives voice response with transaction type, amount, date/time, farmer id & shopkeeper id
• Shopkeeper gives amount to farmer
How Farmer Withdraws Money – 2
• Farmer speaks his voice-print, transaction type, amount, date/time, his name and shopkeeper name
• Bank compares voice-print and accepts if it matches, else it rejects the transaction
• Farmer signs receipt containing Nsj
• Shopkeeper gives original receipt to farmer, retains copy
• Physical copy is proof of the transaction
How Farmer Makes Deposits
• Steps till the handing over of money are the same. In this case, farmer gives money to shopkeeper
• Shopkeeper speaks his voice-print, transaction type, amount, date/time, farmer’s name, his own name
• In deposits, we do not need the farmer to speak; the shopkeeper’s voice-print is there to protect him against stolen nonces being used in phantom deposits
• Shopkeeper provides receipt to farmer containing his nonce Nsj
• Comment: Multiple nonces for illiterate farmers is a complex task
• With some modifications, the protocol can provide for peer-to-peer transfer and utility bill payments
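The registration and withdrawal steps above (shopkeeper and farmer registration, then the Xi / Yi / Zi exchange and the voice-print check), as an added toy simulation in Python; this is not code from the paper or the presentation. The voice channel is modelled as direct function calls, voice-print matching as a string comparison, and every id, nonce and amount is constructed. The `withdraw` driver also lets you exercise three failure modes the slides describe: a replayed stale Xi, a shopkeeper who dials an accomplice instead of the bank, and an impostor who lacks the farmer's voice-print.

```python
import secrets

def nonces(n):
    """Fresh random nonce sequence (constructed; stands in for one scratch card)."""
    return [secrets.randbelow(10**6) for _ in range(n)]

class Bank:
    def __init__(self):
        self.farmers, self.shopkeepers, self.log = {}, {}, []
    def register_shopkeeper(self, sid, voice, n=5):
        self.shopkeepers[sid] = {"voice": voice, "Ns": nonces(n), "j": 0}
        return {"Ns": list(self.shopkeepers[sid]["Ns"]), "j": 0}    # check book
    def register_farmer(self, fid, voice, n=5):
        rec = {"voice": voice, "X": nonces(n), "Y": nonces(n), "Z": nonces(n), "i": 0}
        self.farmers[fid] = rec
        return {**{k: list(rec[k]) for k in "XYZ"}, "i": 0}          # scratch cards

    def start(self, xi, fid, sid, nsj):
        """Shopkeeper dials in; returns Yi for the farmer to verify, or None."""
        f, s = self.farmers.get(fid), self.shopkeepers.get(sid)
        if not f or not s or f["i"] >= len(f["X"]) or s["j"] >= len(s["Ns"]):
            return None
        if xi != f["X"][f["i"]] or nsj != s["Ns"][s["j"]]:
            return None                       # stale or wrong nonce: terminate
        return f["Y"][f["i"]]

    def finish(self, fid, sid, amount, zi, voice):
        """Farmer enters amount and Zi and speaks; both must check before nonces burn."""
        f, s = self.farmers[fid], self.shopkeepers[sid]
        if zi != f["Z"][f["i"]] or voice != f["voice"]:
            return None
        f["i"] += 1; s["j"] += 1
        receipt = ("withdraw", amount, fid, sid, s["Ns"][s["j"] - 1])
        self.log.append(receipt + (voice,))   # bank keeps the voice with the record
        return receipt

def withdraw(bank, fid, cards, sid, book, amount, voice, dial=None, xi=None):
    """One withdrawal. `dial` is whom the shopkeeper really calls; `xi` replays a nonce."""
    dial = dial or bank.start
    i, j = cards["i"], book["j"]
    xi = cards["X"][i] if xi is None else xi                      # farmer hands over Xi
    yi = dial(xi, fid, sid, book["Ns"][j])                         # shopkeeper dials
    if yi != cards["Y"][i]:
        return None                           # wrong Yi: bank was probably not dialled
    receipt = bank.finish(fid, sid, amount, cards["Z"][i], voice)
    if receipt:
        cards["i"], book["j"] = i + 1, j + 1                       # scratch next nonces
    return receipt
```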
Security Guarantee for Bank
• Nonces provide a secure channel
• Voice-print for dispute resolution (between farmer & shopkeeper)
• Bank cannot fake a transaction as it must store the voice in the report of the transaction
• Receipts provide physical evidence of the transaction
• Shopkeeper and farmer can record the conversation with the bank
Internal Threats
• S to B – S knows he is transacting with B since he has dialled B’s no. B knows S since he has provided Nsj
• F to B – B verifies F through Xi and F verifies B through voice response & Yi
• S to F – Bank identifies shopkeeper and farmer in its voice-out message
• S faking withdrawal not possible – needs F’s nonces
• F faking deposit not possible – needs S’s nonces
• S & F collude – zero-sum game for bank
External Threats
• Eavesdropping – GSM uses the A5/1 & A5/2 stream ciphers. Even if nonces are learned by decrypting the call, they cannot be reused
• Spoofing – SIM / IMSI can be spoofed, but the spoofer would still need the nonces
• Bank cannot be spoofed since it also has to provide the correct nonce Yi
• Detecting voice traffic and inserting fake information like the amount is time consuming and has not been done before
• If an imposter steals all three nonces (X, Y, Z) he cannot complete the transaction without the voice-print
• There will also be no signature on the receipt (Comment: many farmers may use a thumbprint; the shopkeeper cannot verify a genuine F from a bogus F)
• Correlating waveforms of voice-prints in the frequency domain is not legally tenable
Existing Solutions
• M-PESA (Kenya), G-Cash (Philippines), Wizzit (South Africa)
• Allow peer-to-peer money transfer, deposits, withdrawal, utility bill payments
• Limited or no interaction with banks
• Wizzit uses USSD, M-PESA uses USSD for initiating the transaction, G-Cash only uses SMS
• USSD is more secure than SMS as it does not store data on the phone, but it uses plain text. FSB uses voice + nonce to create a secure channel
• SMS use in M-PESA & G-Cash is easy to use; FSB uses a similar keying method
• Final Comment: FSB under development, could not find any subsequent work on the subject. Utility is doubtful.
Developments in India
• IMG constituted in Nov’09 for ‘no-frills banking’, submitted report in Mar’09
• Key players – Banks, MSP, Post Offices, BCs, UIDAI, NPCI
• BC / sub-agent plays the role of the shopkeeper, needs to be associated with a designated base bank branch, can provide basic banking services for all banks
• No-frills account opened by banks. Mobile is only the medium; loss of phone / SIM will not lead to loss of money
• Max transaction value – 5000/day, 25000/month
• Transactions independent of service providers
• Allowed transactions – balance enquiry, deposit cash, credit under NREGS, withdraw cash, peer-to-peer transfers
Infrastructure Components
• UIDAI – authentication of biometrics through a fingerprint reader on micro-ATMs
• Banks – Core banking solutions (CBS)
• REMIT – real-time micro-transactions switch for transaction routing
• Account Mapper – table with three attributes: UID, Bank Account No. (including bank routing no.) and mobile no. Given a UID / mobile, it extracts the account no.
• INFAST – Inter-operable Infrastructure for Accounting Small Transactions – limited version of CBS to accelerate transactions
• Micro-ATM / Mobile PoS – with BC