A SECURE GSM-BASED SMS BANKING SYSTEM: ANALYSIS, DESIGN, AND IMPLEMENTATION

Mobile banking has now become a critical platform of financial access, particularly in areas where smartphone and internet access are still low. Nevertheless, conventional SMS based banking is plagued by serious security failures such as plaintext transport, GSM cryptographic defects, SIM-SWO, and message disclosure within the SMSC. This puts a critical requirement of a superior, safe and dependable SMS banking application that has the ability to run on simple mobile phones. In this work, the author suggests the analysis, design, and implementation of a secure SMS-based banking system with a layered cryptographic model. The modelling technique is a mixture of the MERISE modelling approach and a hybrid framework of security, which is founded on RSA session initiation, SHA-derived session keys, and AES-256 message confidentiality. The implementation of the system utilised an SMS gateway and a SQL-based back end to facilitate common banking operations. Experimental findings show proper functional operation of all services, the average round-trip time of SMS is 712 seconds and consistent behaviour in the case of network congestion as a result of GSM store-and-forward reliability. Resistance to interception as well as spoofing, replay and SIM SWAP attacks is verified through security evaluation. In general, the results indicate that secure and efficient SMS banking can be realized and can offer an inclusive solution to the financial requirements of a mobile internet environment, where mobile internet services are not always reliable or accessible.