Pengamanan M-Commerce Menggunakan One Time Password Metode Pseudo Random Number Generator (PRNG)

  • Muhammad Fahrizal Universitas Budi Luhur
  • Achmad Solichin Universitas Budi Luhur
: https://doi.org/10.36341/rabit.v5i2.1363

Abstract

Mobile commerce or m-commerce is an electronic trading system (e-commerce) that uses mobile equipment such as mobile phones, smart phones, PDAs, and notebooks. With the growth of smartphone users throughout the world, many electronic commerce business owners also provide m-commerce applications to make it easier for their customers to make transactions. In addition to providing convenience for users, m-commerce application providers must be able to ensure that customers can transact safely. Security risks are one of the major obstacles in the development of electronic commerce systems. Therefore, this research applies the method of securing m-commerce applications using one time password (OTP) generated by the Pseudo Random Number Generator (PRNG) method. This study also modified the PRNG algorithm by doing three bit shifting processes and adding encryption algorithms. The test results show that the system can generate an OTP that is always unique for each transaction. The results of this study are useful for m-commerce application developers to secure their applications.

Keywords: e-commerce security, m-commerce, one time password, PRNG

References

C. M. Annur, “Survei APJII: Penetrasi Pengguna Internet di Indonesia Capai 64,8%,” Katadata.co.id, 2019. [Daring]. Tersedia pada: https://katadata.co.id/berita/2019/05/16/survei-apjii-penetrasi-pengguna-internet-di-indonesia-capai-648.

N. A. Rozama, A. L. Kusumatrisna, Z. Ilmiyah, T. Sutarsih, G. Siswayu, dan A. Syakilah, Statistik E-Commerce 2019. Jakarta: Badan Pusat Statistik, 2019.

WikipediaID, “M-Dagang,” Wikipedia.org, 2020. [Daring]. Tersedia pada: https://id.wikipedia.org/wiki/M-dagang. [Diakses: 20-Jun-2020].

A. M. R. Wajong dan C. R. Putri, “Keamanan dalam Electronic Commerce,” ComTech, vol. 1, no. 2, hal. 867–874, 2010.

C. Hanifurohman dan D. D. Hutagalung, “Analisa Keamanan Aplikasi Mobile E-Commerce Berbasis Android Menggunakan Mobile Security Framework,” in Seminar Nasional Enhancing Innovations for Sustainable Development, 2020.

RiskBased Security, “2020 Q1 Report Data Breach QuickView,” 2020.

K. K. Kumbhare dan K. V. Warkar, “A Review on Noisy Password, Voiceprint Biometric and One-Time-Password,” in International Conference on Information Security & Privacy, 2016, vol. 78, hal. 382–386.

S. Ma et al., “An Empirical Study of SMS One-Time Password Authentication in Android Apps,” in ACSAC ’19: Proceedings of the 35th Annual Computer Security Applications Conference, 2019, hal. 339–354.

H. A. Chandra, Y. I. Wijaya, dan H. Budiman, “Algoritma One Time Password pada Sistem Informasi Penerimaan Siswa Baru Online SMP H.A. Johansyah.A Banjarmasin,” Technologia, vol. 10, no. 4, hal. 207–211, 2019.

D. V. S. Y. Sakti, N. Agani, dan M. Hardjianto, “Pengamanan Sistem Menggunakan One Time Password Dengan Pembangkit Password Hash SHA-256 dan Pseudo Random Number Generator (PRNG) Linear Congruential Generator (LCG) di Perangkat Berbasis Android,” J. BIT, vol. 13, no. 1, hal. 1–10, 2016.

G. H. Editya dan S. Mulyati, “Aplikasi Mobile One Time Password Menggunakan Algoritma MD5 dan SHA1 untuk Meningkatkan Keamanan Website,” SKANIKA, vol. 1, no. 2, hal. 618–623, 2018.

A. Hangga dan E. Prabowo, “Modifikasi Linear Congruential Generator untuk Sistem Pengacakan Soal pada Computer Based Test ( CBT ),” J. Tek. Elektro, vol. 8, no. 2, hal. 47–49, 2016.

S. Gharge, H. Brijwani, M. Pugrani, G. Sukhwani, dan D. Udherani, “Percon8 Algorithm for Random Number Generation,” Int. J. Eng. Res. Appl., vol. 4, no. 5, hal. 54–60, 2014.

A. Solichin, M. A. Putra, dan K. Diniari, “RESTful Web Service Optimization with Compression and Encryption Algorithm,” 2018 Int. Semin. Appl. Technol. Inf. Commun., hal. 333–337, 2018.

Published
2020-07-20
How to Cite
[1]
M. Fahrizal and A. Solichin, “Pengamanan M-Commerce Menggunakan One Time Password Metode Pseudo Random Number Generator (PRNG)”, rabit, vol. 5, no. 2, pp. 108-116, Jul. 2020.
Issue
Vol 5 No 2 (2020): Juli
Section
Articles

Copyright (c) 2020 Rabit : Jurnal Teknologi dan Sistem Informasi Univrab

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Please find the rights and licenses in RABIT : Jurnal Teknologi dan Sistem Informasi Univrab. By submitting the article/manuscript of the article, the author(s) accept this policy.

1. License

The non-commercial use of the article will be governed by the Creative Commons Attribution license as currently displayed on Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. 

2. Author’s Warranties

The author warrants that the article is original, written by stated author(s), has not been published before, contains no unlawful statements, does not infringe the rights of others, is subject to copyright that is vested exclusively in the author and free of any third party rights, and that any necessary written permissions to quote from other sources have been obtained by the author(s).

3. User Rights

RABIT's spirit is to disseminate articles published are as free as possible. Under the Creative Commons license, RABIT permits users to copy, distribute, display, and perform the work for non-commercial purposes only. Users will also need to attribute authors and RABIT on distributing works in the journal.

4. Rights of Authors

Authors retain all their rights to the published works, such as (but not limited to) the following rights;

  • Copyright and other proprietary rights relating to the article, such as patent rights,
  • The right to use the substance of the article in own future works, including lectures and books,
  • The right to reproduce the article for own purposes,
  • The right to self-archive the article,
  • The right to enter into separate, additional contractual arrangements for the non-exclusive distribution of the article's published version (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal (RABIT : Jurnal Teknologi dan Sistem Informasi Univrab).

5. Co-Authorship

If the article was jointly prepared by other authors, any authors submitting the manuscript warrants that he/she has been authorized by all co-authors to be agreed on this copyright and license notice (agreement) on their behalf, and agrees to inform his/her co-authors of the terms of this policy. RABIT will not be held liable for anything that may arise due to the author(s) internal dispute. RABIT will only communicate with the corresponding author.

6. Royalties

This agreement entitles the author to no royalties or other fees. To such extent as legally permissible, the author waives his or her right to collect royalties relative to the article in respect of any use of the article by RABIT.

7. Miscellaneous

RABIT will publish the article (or have it published) in the journal if the article’s editorial process is successfully completed. RABIT's editors may modify the article to a style of punctuation, spelling, capitalization, referencing and usage that deems appropriate. The author acknowledges that the article may be published so that it will be publicly accessible and such access will be free of charge for the readers as mentioned in point 3.

PDF (Bahasa Indonesia)
Abstract views: 77164
downloads: 239