NUL App Makes it to Canada

NUL App Makes it to Canada

ROMA – MOKHUTLI Letsae’s one-time-password (OTP), has made it to the prestigious “International Conference on Computer Security: Information Security and Internet” in Toronto, Canada.
The App works like this: When you are doing online banking, you sometimes get an OTP for the bank to prove it is you.
However, it may still not be you but someone stealing your money.
“With this app, before the bank sends you an OTP, it first receives a face image from you to make sure that it is you to whom the OTP has to be sent,” says the National University of Lesotho (NUL) trained Mokhutli Letsae.

The details of this brilliant app were accepted for presentation at the International Conference on Computer Security in Canada.
Let’s see why this app is so important.
Those of you who have ever done online banking will know what we are talking about.
Let’s say you want to transfer money from your account to the account of Mr Joe in a business transaction.
You don’t just put Mr Joe’s banking details and send the money as that would be too risky.
It could be that it is not you but a cyber-shark (somebody who stole your password without you being aware of it) doing the online transactions, transferring your money to their account.
So the bank folks are wise.

They know the tricks of these online predators.
So before making a transaction, they send you a One Time Password (OTP).
The benefits of the OTP are obvious.
It is a password sent to a phone number you registered with your bank.
Unless you were held at gun-point, it is highly unlikely that someone stole both your password and your cell-phone.
So we have high degree of confidence that the OTP is going only to you.
If you put in the OTP, then the bank is satisfied (kind of) that it is you and the money is then transferred.
But in an imperfect world, guess what? It might still not be you!

The cyber-sharks are always coming up with ways to evade the latest technology meant to cure their mischief.
“So they may have a way of hacking into your system and getting that OTP,” Letsae said.
“That is so, despite the fact that banks have made everything possible to ensure that the OTP is hidden (encrypted).”
However, as we enter the age of the Fourth Industrial Revolution, something called Artificial Intelligence (AI) is reinventing itself in a big way.
More importantly, there is a branch of AI that is called Deep Learning or Machine Learning which is even more exciting.

So Letsae’s work is using some kind of AI to evade the cyber sharks even further, using machine learning.
This is how.
When you make an online transaction, the system asks for your face image.
When your face image reaches the bank, it is compared with an image that the bank took at the time when you were registering for an online banking.
When it is convinced that is indeed you, it is only then that it can send an OTP.

This is so that it doesn’t send the OTP to a stranger or cyber-shark.
There is a good reason for using your face.
No one has your face, even your twin brother (sister).
And no one can steal your face (unless they chop your head off, which is highly unlikely).
In short, his app uses both encrypted OTPs and images to ensure maximum protection.
But how did he do it?

“I used a Microsoft based programming language called C-sharp to build the app,” he said.
“It is user-friendly and easy to understand. If someone wants to improve on my app, it is easy to do so. Even more, it works on a number of operating systems such as Linux, Microsoft, Android and Apple.”
From there, the system was improved through the use of Application Programming Interface (API).
APIs are systems that add more functionality to the app.
“I have to make sure that my OTPs are encrypted (hidden from the cyber sharks),” he said, “So I use API to encrypt the OTPs.”

But how does the system identify your facial image?
First, a number of your pictures are taken in and stored.
They are first stored as pixels which are later changed into numbers that can only match your image.
It is a complicated process.
However, the closer the stored numbers are to the number that we get when we receive your image during a transaction, the more likely it is you who is doing the transaction.
No wonder the international cyber-security gurus were impressed!

Own Correspondent


Previous Standard Bank takes on wool ‘lies’
Next Parties boycott reforms meeting

Warning: count(): Parameter must be an array or an object that implements Countable in /home/thepostc/public_html/wp-content/themes/trendyblog-theme/includes/single/post-tags-categories.php on line 7

About author

You might also like


Tempers flare at State House

MASERU – THERE was drama at the State House as tempers flared after All Basotho Convention (ABC) talks collapsed for the fifth time, thepost has heard. The warring factions traded

Local News

Minister wants police to shoot to kill suspects

MAFETENG – THE Minister in Prime Minister’s Office Temeki Tšolo says security agents must shoot to kill when dealing with crime suspects, even if it means doing so in broad

Local News

Dried food is good!

ROMA – DRIED fruit is good. That is why the National University of Lesotho (NUL) is happy to introduce the Mangangajane Electric Fruit Drier. That is because Seforo Mohlalisi and Thabo