ENHANCED PRIVACY AND SECURITY IN OTP GENERATION TECHNIQUE AGAINST OTP STEALING ATTACK

Mobile apps have brought tremendous impact to businesses, social, and lifestyle in recent years. Various app markets offer a wide range of apps from entertainment, business, health care and social life. Many online banking services are developed in worldwide and mostly using the OTPSMS to transact the payment from the user bank, but that OTP is traced out by the unauthorized apps. More researches are carried out to secure the OTPSMS from the unauthorized app, and then also can't protect the OTP from anonymous user apps. To solve this problem and protect the SMS, we proposed the Code Inject method, which inject the code into the OTP. The OTP sending through the SMS is not the original OTP, it is modified OTP by Code Inject method. The authorized apps only have the technique to get the original OTP from the modified OTP. With the modified OTP, the app can't transact the amount from bank. Code Inject method consists of Operation function choose and the critical number generate, this will generate the modified OTP for the original OTP.