Abstract: The day to day advancements in science and technology resulted in enormous data transaction and demand for secure communication and e-banking are not an exception. The usage of ATMs for cash withdrawal and other transaction related works is massive. Looking at the elements required by a customer for ATM utility, the debit card and secure PIN are being sent separately by postal service to the customers of many banks for increased security. However, tampering is always possible because of the unique mode of sending the both card as well as PIN authentication to the customers. Here we suggest an alternative method to enhance the security with respect to debit card and PIN communication to the customers with LabVIEW based transform domain steganography approach where the PIN will be hidden in the scanned Debit card image with the help of Discrete Cosine Transform (DCT) and swapping algorithm. This transformed image will be e-mailed to the customers. Proper retrieval algorithm will be used by the concerned customers to reveal the secret PIN authentication. Histogram report, error metrics like MSE and PSNR have also been discussed in this study for sample ATM debit card image.
INTRODUCTION
While every walk of human life needs some sort of information for necessities, the concern is how safe the data is reaching the other end. While sitting peacefully and thinking about the pride of technology, one must understand the effects caused by the so called innovations and breakthroughs. In fact, breakthroughs have become breaking elements through the self border i.e., Lakshman Rekha drawn to protect one’s privacy. But sitting time will not help in revamping the system back, as the heavy onus pressures us to run and stop incoming threats. Over the period, cryptography, steganography and watermarking are providing helping hand to face the threats of information theft. Information hiding (Cheddad et al., 2010; Amirtharajan and Rayappan, 2012a-e, 2013; Amirtharajan et al., 2013a-j; Janakiraman et al., 2012a, b, 2014a, b; Zhao and Luo, 2012; Mohammad et al., 2011; Salem et al., 2011; Ramalingam et al., 2014a, b; Thien and Lin, 2003; Luo et al., 2011) methods have been implemented in both spatial as well as transform domains.
As for as, spatial image steganography is concerned LSB substitution (Chan and Cheng, 2004), random image steganography (Amirtharajan et al., 2012b; Thanikaiselvan et al., 2012a-c, 2013a, b), pixel differencing (Wu and Tsai, 2003; Zhang and Wang, 2004), pixel indicator based approaches (Janakiraman et al., 2012a, b, 2013) and other adaptive (Amirtharajan and Rayappan, 2012a, c) have been experimented in the past. DCT (Wong et al., 2007; Qi and Wong, 2005) based steganography is one of the earlier transform domain based proposed methods. Also wavelet based (Amirtharajan and Rayappan, 2012d) approaches, FPGA based hardware stego approaches (Rajagopalan et al., 2012a, b, 2014a-d; Rajagopalan and Upadhyay, 2011; Janakiraman et al., 2014a, b), firmware and OFDM based information security (Thenmozhi et al., 2012; Praveenkumar et al., 2012a, b, 2013a, b, 2014a-j) have also been forming the part of security algorithms.
Bank transactions have seen various advancements in the past decade. Written work has been almost reduced with the emerging technologies in the IT sector that has extended the helping hand for banking sector. Regarding the money transactions, almost every customer uses debit card for money withdrawals from the ATMs. In this approach, secure communication of secret PIN to the customers to access ATM cards has been discussed. The proposed method uses DCT based transform domain steganography, where the PIN bit embedding is done with a swapping coefficients algorithm.
PROPOSED METHODOLOGY
Let, I(x, y) be the RGB image of a sample ATM card with the subsets of R, G and B coordinates, i.e., {IR(x,y), IG(x,y), IB(x,y) } ∈ I(x,y). The ATM card image considered here is rectangular in shape such that number of rows in the image is less than the number of columns. The image resolution is chosen by keeping in mind that the image will have finite ‘N’ number of 8x8 blocks. The proposed algorithm is based on discrete cosine transform where the secret PIN hiding happens in some of the 16 pairs of locations of the 8 x 8 blocks.
The DCT computing I, jth element of DCT of an image can be calculated by the following Eq. 1:
| (1) |
Let us consider a block of 8x8 pixels ‘A’ from one of the R, G, B layers of ATM card sample image considered here:
As an initial step, threshold value of 128 has to be subtracted from each of the 8x8 block cover pixels, therefore:
The DCT of block B can be computed by the following Eq. 2:
| (2) |
where, M is a DCT matrix and MT is the transpose of M.
For the 8x8 cover block considered here, the DCT coefficients after performing two matrix multiplications as given in Eq. 2 will be:
The quantization of D can be done by dividing each element of D by the corresponding quantization matrix element and rounding it to the nearest integer as following in Eq. 3:
| (3) |
where, C is the matrix of quantized and rounded coefficients C(m, n), Q90 is the quantization matrix which gives best quality image but with low compression. The quantization matrix Q90 considered in this study is:
After quantizing and rounding off as per Eq. 3:
Now, this C contains 44 zeros out of 64 coefficients which means 68.75% of the 8x8 block is occupied by zeros which indicate the compression done. The next step is to hide the PIN into the blocks of quantized DCT. The data hiding can be implemented on the selected ATM card RGB image based on the following parameters:
| • | T: Trilayer parameter which may take any one value from {1, 2, 3} ⇒ {R, G, B} |
| • | {B}: Set of 16 blocks to guide the embedding process |
| • | {L}: L is a pair of quantized pixel locations to denote the PIN bit hiding in a specific block b⊂{B} |
The trilayer parameter T will be decided by the LabVIEW based random number generator for which the VI is shown in Fig. 1.
The random numbers generated are between 1 and 3 to indicate the R, G and B layers. Figure 2 shows the random numbers generated for five trials displayed in the front panel 2D array. It has been observed that the number 1 occurs 26 times (6+4+5+6+5), 2 occurs 27 times (5+5+7+4+6) and 3 is present for 27 times ( 5+7+4+6+5) in five sample trials. Approximately 1, 2 and 3 occur nearly 1/3 times in each trial of 16 iterations.
Let us consider the C matrix is in the red layer and we assume that T = 1 which is generated by random number generation process. Also we consider that the C is a subset of {B}:C ⊂ {B}. The pair of quantized pixel locations to indicate the bit embedding is {R3C3, R4C1}∈{L}. Here R3C3 represent row 3-column 3 element and R4C1 indicates that of row 4-column 1. In the Matrix C, R3C3 = 5 and R4C1 = -14.
The proposed approach embeds one bit/8x8 block in order to enhance the security.
| Fig. 1: | Random number generation to decide the bit embedding layer ‘T’ |
| Fig. 2: | Front panel indicator showing random number 2D array |
From the 16 message bits set M = {m1 …, m16}, a bit is embedded into an 8x8 block based on the following rules:
Rule 1: If mi = 0, then:
Rule 2: If mi = 1, then:
These two rules are decisive in hiding PIN bits in 8x8 DCT compressed blocks. Here, the LSB substitution is not done to hide the information but swapping of coefficients will be done in order to hide the message bits. As only one bit will be embedded per 8x8 block, except the R3C3 and R4C1 coefficients, others remain unchanged. Based on these two rules, the remaining 15 bits will be embedded in selected 8x8 blocks from the three R, G and B layers.
RESULTS AND DISCUSSION
The algorithm was implemented on a sample ATM card image of size 224x344. The DCT was applied on all the 1204 8x8 blocks. Initially a four digit PIN value 1838 was considered to analyze the embedding process. The equivalent binary representation of considered PIN is 00011000001110002 assuming four bits per digit. As this binary pattern had only five ones, selected pair in five selected 8x8 blocks of DCT co-efficients were swapped to indicate the embedding of logic ‘1’ in the transformed image. In order to follow uniformity to reduce the key length, the embed location set {L} was chosen as {R3C3, R4C1}, which means in all the five blocks the co-efficients in these two locations will be swapped to indicate the hidden bit ‘1’. Moreover, this process is not hiding the information through LSB substitution technique but by swapping non-zero coefficients. For this pattern of 1838, red layer was used to embed bit ‘1’ in the 20th 8x8 block, green layer was hiding the bit ‘1’ in 20th block of its layer and three logic ‘1’ bits were embedded in 51, 54 and 814 blocks of blue layers. These details are shown in Table 1.
This study also considered another sample PIN FFFFh which has 16 logic ‘1’s. These 16 one’s were hidden in 16 8x8 blocks based on the characteristic of the blocks and after randomizing the bits with a guiding block. Six red blocks, five green blocks and blue blocks were utilized to secure the PIN. The PSNR after hiding 6 bits (swapping) in red layer was at 50.396, where it was 56.225 for one bit concealment in red layer. Normally the PSNR value for LSB embedding with k = 1 is approximately 51 dB considering full embedding on the sample image. But here the maximum possible bits that can be embedded in the selected image is 16.
| Table 1: | MSE and PSNR results for sample ATM card image |
| Fig. 3(a-e): | (a) Cover image of sample ATM card, (b) Stego red layer, (c) Stego green layer, (d) Stego blue layer and (e) Combined RGB stego image |
Moreover, the process of embedding is swapping and not LSB embedding on the image blocks. Therefore, the PSNR rises upto 56.225 dB as a result of one bit embedding (swapping) in red layer (20th 8x8 block) and drops down to 50.396 when 6 bits are embedded in red layer. The deviation in the PSNR value may be attributed to decompression affected by the coefficient swapping. Figure 3 show the sample SBI ATM card cover image, stego red image, stego green image, stego blue image and stego sample ATM card RGB image. Figure 4 display the histogram report of red, green and blue layers of sample SBI ATM card image.
| Fig. 4(a-c): | Histogram reports of (a) Red, (b) Green and (c) Blue layers for sample ATM card image |
CONCLUSION
A transform domain steganography approach to secure ATM PIN communication has been proposed in this study. Even though, the concern is the knowledge of information hiding techniques among common men, the idea is to address the need for information security in banking. As for as net banking is concerned, two way and three way security net guards are deployed by many of the global, nationalized and private banks. This proposed approach may have a possibility of enhancing the PIN protection and can be an alternate to tackle the ATM PIN theft. This approach can be more strengthened by randomizing the embedding process in other ways with PRNGs such as LFSR, multiple LFSRs etc.
ACKNOWLEDGMENT
Authors wish to acknowledge SASTRA University, Thanjavur for extending infrastructural support to carry out the study.