Abstract
In this paper, a digital investigation of electronic (e)-banking services on the Windows Phone platform of nine Indonesian banks is undertaken. In the experiments, banking transactions (balance check, funds transfer and phone credit purchase) are performed using a Nokia Lumia 625. The digital evidence resulting from these transactions is acquired and analyzed using mobile forensic tools from Cellebrite and Micro Systemation AB. In order to reconstruct the transaction events, evidence objects are identified and related events are sequenced. Specifically, the findings relating to mobile banking activities identify eight digital evidence objects (SMS, email, call log, contact, media file, network packets, location and installed apps), and a physical object (account book - obtained from a physical investigation). Investigation questions of who, what, when and how are answered from the acquired evidence and the event sequence diagrams. The findings contribute to a better understanding of available mobile banking evidence on Windows Phone devices.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Understanding Worldwide Attitudes, Behaviours and Trends in Mobile Content and Commerce. https://mobileecosystemforum.com/programmes/analytics/mef-country-report-indonesia/mef-country-report-indonesia-download/
Operating System Market Share. https://www.netmarketshare.com/operating-system-market-share.aspx
Carrier, B.D., Spafford, E.H.: Defining event reconstruction of digital crime scenes. J. Forensic Sci. 49(6), 1291–1297 (2004)
Johnson, C.: Failure in Safety-Critical Systems: A Handbook of Incident and Accident Reporting. Glasgow University Press, Scotland (2003)
Jung, J.-H., Kim, J.Y., Lee, H.-C., Yi, J.H.: Repackaging attack on Android banking applications and its countermeasures. Wirel. Pers. Commun. 73(4), 1421–1437 (2013)
Chanajitt, R., Viriyasitavat, W., Choo, K.-K.R.: Forensic analysis and security assessment of Android m-banking apps. Aust. J. Forensic Sci. 1–17 (2016)
Barmpatsalou, K., Damopoulos, D., Kambourakis, G., Katos, V.: A critical review of 7 years of mobile device forensics. Digit. Invest. 10(4), 323–349 (2013)
Cahyani, N.D.W., Martini, B., Choo, K.-K.R., Al-Azhar, M.N.: Forensic data acquisition from cloud-of-things devices: Windows smartphones as a case study. Concurr. Comput. 29(14), 1–16 (2017)
Cahyani, N.D.W., Ab Rahman, N.H., Glisson, W.B., Choo, K.-K.R.: The role of mobile forensics in terrorism investigations involving the use of cloud storage service and communication apps. Mobile Netw. Appl. 22(2), 240–254 (2017)
Carrier, B., Spafford, E.H.: Getting physical with the digital investigation process. Int. J. Digit. Evid. 2(2), 1–20 (2003)
Weir, C.S., Douglas, G., Richardson, T., Jack, M.: Usable security: user preferences for authentication methods in eBanking and the effects of experience. Interact. Comput. 22(3), 153–164 (2010)
Gunson, N., Marshall, D., Morton, H., Jack, M.: User perceptions of security and usability of single-factor and two-factor authentication in automated telephone banking. Comput. Secur. 30(4), 208–220 (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Cahyani, N.D.W., Martini, B., Choo, KK.R., Ashman, H. (2018). Event Reconstruction of Indonesian E-Banking Services on Windows Phone Devices. In: Beyah, R., Chang, B., Li, Y., Zhu, S. (eds) Security and Privacy in Communication Networks. SecureComm 2018. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 255. Springer, Cham. https://doi.org/10.1007/978-3-030-01704-0_29
Download citation
DOI: https://doi.org/10.1007/978-3-030-01704-0_29
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-01703-3
Online ISBN: 978-3-030-01704-0
eBook Packages: Computer ScienceComputer Science (R0)