Enhancing Security System of Short Message Service for Banking Transaction


  • I Made Sunia Raharja
  • Ahmad Ashari




security, SMS, banking, Indoneisa, encryption, cryptography


SMS banking still becomes a popular way to make transaction inquiry in Indonesia. The technology protocol used by the service provider is still not secure. The majority of local banks in Indonesia still use non-secure SMS protocols standard. Therefore, an SMS Banking protocol, providing information security service in the transactional message, is urgently in need. Information security can be achieved through some security mechanisms, i.e., encipherment, digital signature, data integrity, and key exchange. These mechanisms are applicable through the implementation of cryptography. SMS Banking security protocol in this research runs through two steps. The first step is the transmission of the transaction request, and the second step is the transaction process. The encipherment is conducted using 3DES symmetric cryptography. Digital signature and data integrity are conducted using ECDSA asymmetric cryptography. The key exchange is conducted using ECDH. The test result showed that the implementation of the protocol could conduct an SMS Banking service and provide protection over the PIN. In general, this protocol has fulfilled X.800 security services.


CISSReC, Cegah Pencurian Dana Nasabah, Perbankan Harus Perkuat Keamanan SMS Banking, 2015. [Online]. Available at: http://bit.ly/2XiRz53. (in Indonesian)

M. Hassinen, S. Markovski, Secure SMS Messaging using Quasigroup Encryption and Java SMS API, in P. Kilpeläinen & N. Päivinen, ed., ‘SPLST,’ University of Kuopio, Department of Computer Science, 2003, pp. 187.

V. Manoj, Bramhe, “SMS based secure mobile banking,” International Journal of Engineering and Technology, vol. 3, pp. 472–479, 2011.

R. Rayarikar, S. Upadhyay, P. Pimpale, “SMS encryption using AES algorithm on Android,” Foundation of Computer Science, vol. 50, no. 9, pp. 12-17, 2012. https://doi.org/10.5120/7909-1038.

Y. L. Ng, Short Message Service (SMS) Security Solution for Mobile Devices, Nanyang Technological University, Singapore, pp. 1-4, 2006.

D. Lisoněk, M. Drahanský, “SMS encryption for mobile communication,” Proceedings of the International Conference on Security Technology, 2008, pp. 198-201. https://doi.org/10.1109/SecTech.2008.48.

N. Qi, J. Pan, Q. Ding, “The implementation of FPGA-based RSA public-key algorithm and its application in a mobile-phone SMS encryption system,” Proceedings of the International Conference on Instrumentation, Measurement, Computer, Communication and Control, 2011, pp.700-703. https://doi.org/10.1109/IMCCC.2011.178.

N. Saxena, N.S. Chaudhari, “A secure digital signature approach for SMS security,” International Journal of Computer Aplication (IJCA), vol. 1, pp. 98–102, 2011.

N. Saxena, A. Payal, “Enhancing security system of short message service for M-Commerce in GSM,” International Journal of Computer Science & Engineering Technology (IJCSET), vol. 2, pp. 126–133, 2011.

A.K Nanda, L.K. Awasthi, SMS Security Using NTRU Cryptosystem for M-Commerce, Research Scholar, CSE Department National Institute of Technology, 2012, 17 p.

M. Toorani, A.A. Beheshti, “SSMS – A secure SMS messaging protocol for the M-Payment systems,” Proceedings of the 13th IEEE Symposium on Computers And Communications (ISCC’08), 2008, pp. 700–705. https://doi.org/10.1109/ISCC.2008.4625610.

Y.L. Ng, Short Message Service (SMS) Security Solution for Mobile Devices, Nanyang Technological University, Singapore, 2006, pp. 5-6.

A. Mehrotra, GSM System Engineering, Artech House, London, 1997, 472 p.

M.K. Chong, Security of Mobile Banking: Secure SMS Banking, Data Network Architectures Group Department of Computer Science University of Cape Town, Private Bag, Rondebosch 7701, South Africa, 2006, 69 p.

T. Clements, SMS – Short but Sweet, 2003, [online]. Available at: http://tinyurl.com/bvk6qoh.

K. Kohli, SMS in Banking Mitigating the Risks, Paladion Networks, Paladion Knowledge Series, 2004, 9 p.

W. Stallings, Cryptography and Network Security Principles And Practice Fifth Edition, Prentice Hall, New York, 2011, 752 p.

B. Schneier, Applied Cryptography Protocols, Algorithms, and Source Code in C, 2nd ed, John Wiley & Sons, inc., New York, NY, USA, 1995, 758 p.

G.J. Holzmann, Design and Validation of Computer Protocols, Prentice, Hall Software Series, Upper Saddle River, NJ, USA, 1991, 512 p.

A. Emmanuel, Mobile Banking in Developing Countries: Secure Framework for Delivery of SMS-banking Services, The Netherlands. Security of Systems, Radboud University Nijmegen, 2007, 53 p.

W.C. Barker, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, National Institute of Standards and Technology, Gaithersburg, 2012, MD 20899-8, 35 p. https://doi.org/10.6028/NIST.SP.800-67r1.

O.A. Hamdan, B.B. Zaidan, A.J. Hamid, M. Shabbir, Y. Al-Nabhani, “New comparative study between DES, 3DE, and AES within nine factors,” Journal of Computing, vol. 2, issue 3, pp. 152-157, 2010.




How to Cite

Raharja, I. M. S., & Ashari, A. (2021). Enhancing Security System of Short Message Service for Banking Transaction. International Journal of Computing, 20(1), 31-38. https://doi.org/10.47839/ijc.20.1.2089