NUL App Makes it to Canada

NUL App Makes it to Canada

ROMA – MOKHUTLI Letsae’s one-time-password (OTP), has made it to the prestigious “International Conference on Computer Security: Information Security and Internet” in Toronto, Canada.
The App works like this: When you are doing online banking, you sometimes get an OTP for the bank to prove it is you.
However, it may still not be you but someone stealing your money.
“With this app, before the bank sends you an OTP, it first receives a face image from you to make sure that it is you to whom the OTP has to be sent,” says the National University of Lesotho (NUL) trained Mokhutli Letsae.

The details of this brilliant app were accepted for presentation at the International Conference on Computer Security in Canada.
Let’s see why this app is so important.
Those of you who have ever done online banking will know what we are talking about.
Let’s say you want to transfer money from your account to the account of Mr Joe in a business transaction.
You don’t just put Mr Joe’s banking details and send the money as that would be too risky.
It could be that it is not you but a cyber-shark (somebody who stole your password without you being aware of it) doing the online transactions, transferring your money to their account.
So the bank folks are wise.

They know the tricks of these online predators.
So before making a transaction, they send you a One Time Password (OTP).
The benefits of the OTP are obvious.
It is a password sent to a phone number you registered with your bank.
Unless you were held at gun-point, it is highly unlikely that someone stole both your password and your cell-phone.
So we have high degree of confidence that the OTP is going only to you.
If you put in the OTP, then the bank is satisfied (kind of) that it is you and the money is then transferred.
But in an imperfect world, guess what? It might still not be you!

The cyber-sharks are always coming up with ways to evade the latest technology meant to cure their mischief.
“So they may have a way of hacking into your system and getting that OTP,” Letsae said.
“That is so, despite the fact that banks have made everything possible to ensure that the OTP is hidden (encrypted).”
However, as we enter the age of the Fourth Industrial Revolution, something called Artificial Intelligence (AI) is reinventing itself in a big way.
More importantly, there is a branch of AI that is called Deep Learning or Machine Learning which is even more exciting.

So Letsae’s work is using some kind of AI to evade the cyber sharks even further, using machine learning.
This is how.
When you make an online transaction, the system asks for your face image.
When your face image reaches the bank, it is compared with an image that the bank took at the time when you were registering for an online banking.
When it is convinced that is indeed you, it is only then that it can send an OTP.

This is so that it doesn’t send the OTP to a stranger or cyber-shark.
There is a good reason for using your face.
No one has your face, even your twin brother (sister).
And no one can steal your face (unless they chop your head off, which is highly unlikely).
In short, his app uses both encrypted OTPs and images to ensure maximum protection.
But how did he do it?

“I used a Microsoft based programming language called C-sharp to build the app,” he said.
“It is user-friendly and easy to understand. If someone wants to improve on my app, it is easy to do so. Even more, it works on a number of operating systems such as Linux, Microsoft, Android and Apple.”
From there, the system was improved through the use of Application Programming Interface (API).
APIs are systems that add more functionality to the app.
“I have to make sure that my OTPs are encrypted (hidden from the cyber sharks),” he said, “So I use API to encrypt the OTPs.”

But how does the system identify your facial image?
First, a number of your pictures are taken in and stored.
They are first stored as pixels which are later changed into numbers that can only match your image.
It is a complicated process.
However, the closer the stored numbers are to the number that we get when we receive your image during a transaction, the more likely it is you who is doing the transaction.
No wonder the international cyber-security gurus were impressed!

Own Correspondent

 

Previous Standard Bank takes on wool ‘lies’
Next Parties boycott reforms meeting

Warning: count(): Parameter must be an array or an object that implements Countable in /home/thepostc/public_html/wp-content/themes/trendyblog-theme/includes/single/post-tags-categories.php on line 7

About author

You might also like

Local News

‘Thabane has lost it’

MASERU – THE battle for the All Basotho Convention (ABC) took a nasty twist last week when party leader Thomas Thabane expelled four party members who belong to the new

Local News

SADC Reforms: Government in quandary

THE opposition says it will not participate in the reforms unless its three leaders return from exile. And in a letter last week former deputy Prime Minister Mothetjoa Metsing spurned

News

Protest looms

Staff Reporter MASERU THE wives of detained soldiers have alleged that the army is ill-treating their husbands following plans by their children to stage a march. The children are set