Journal : Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi)

Utilization of Mobile Network Infrastructure to Prevent Financial Mobile Application Account Takeover
Aldiansah Prayogi; Rizal Fathoni Aji
Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) Vol 7 No 4 (2023): August 2023
Publisher : Ikatan Ahli Informatika Indonesia (IAII)

DOI: 10.29207/resti.v7i4.5025

Abstract

The Covid-19 pandemic has kept almost everyone at home and forced them to perform online activities using their mobile gadgets. Internet penetration and mobile use have increased as people have grown used to lockdowns and restrictions on meeting face to face. This has become a new market for cyber criminals, who carry out actions such as Social Engineering, Phishing, and Account Takeover that end in the theft of money from Financial Mobile Applications. Application protection with OTP SMS and Magic Link SMS still has vulnerabilities, as several cases that have occurred show. For this reason, this study looks for a solution that uses the Mobile Network Infrastructure. The method compares the phone number registered in the application with the phone number actually in use. Every time a user signs in or signs up, the Financial Mobile Application performs Mobile Network Verification with the cellular operator via API. Verification runs in the background of the application installed on the user's smartphone or tablet and uses header enrichment toward the Mobile Network Verification Server. The Financial Mobile Application can then determine whether the user is using a valid or invalid telephone number. The target account therefore cannot be taken over, because the cyber criminal's mobile device does not have the phone number attached to the victim’s mobile device. This is demonstrated with four test case scenarios covering the sign-up and sign-in processes, with the same phone number and with different phone numbers between the device and the application. It is hoped that this kind of protection model can reduce the losses experienced by users of Financial Mobile Applications due to Account Takeover.