A permissioned decentralized blockchain-based mobile banking system with privacy and security

Abstract

With technological advancement in Bangladesh’s FinTech, more and more security related challenges are emerging. From, Nagad, a government FinTech company, withholding the transaction ability of their consumers due to security purposes, to consumers of mobile banking services (i.e. bKash, Nagad, Rocket etc. etc.) getting scammed through being asked by fraudulent callers for the OTP SMS pin codes sent to their mobile phones, the security breach is becoming more of a common occur rence. These breaches are occurring primarily for two reasons: (i) the consumers are not aware of the technological environment fully and (ii) the service providers have not set up any strong measure that can verify whether the transaction has been requested to be done from both of the parties. To address this security vulnerability, we propose a combination of Permissioned Blockchain with 2-factor authentication that would (i) verify the willingness of the transaction from both the parties, (ii) ensure the privacy of the willing parties and (iii) identify the consumer to be the actual owner of the account.