Zeinab Zare Hosseini - Department of Engineering & Technology, Payame Noor University, Tehran
Ehsan Barkhordari - Department of Engineering & Technology, Payame Noor University, Tehran
Maryam Sadri - Department of Engineering & Technology, Payame Noor University, Tehran

Industry sectors such as banking have openly embraced E-commerce to improve their performance and gain strategic competitive advantages. Security and confidentiality of personal information and internet banking transactions is the most important concern for both businesses and consumers. There are a lot of malicious software and various kinds of attacks that steal financial account information. These attacks such as phishing, Trojans, malwares and etc have increased dramatically day to day, potentially resulting in a direct loss of hard currency to affected victims. So internet banking requires development and implementation sound and strong authentication methods that identify uniquely customers in a remote environment. This research assesses suggested protocols of authentication and methods in use at some internal and external banks, then propose an efficient token based method for authentication with help of virtual password concept. Then it simulated a client and server environment with ASP.NET programming language. Finally the result of proposed method is compared to Meli bank of Iran that used a hardware token.

Authentication, Security, Virtual function, Internet banking