dc.description.abstract |
Mobile-based branchless banking has become a key mech-
anism for enabling financial inclusion in the developing re-
gions of the world. A fundamental requirement of all branch-
less banking systems is a mechanism to provide reliable ev-
idence to users about the occurrence of transactions, which
is implemented in the form of receipts delivered after each
transaction. Existing receipt delivery mechanisms, however,
provide poor security guarantees to users, which has led to
multiple exploits and financial losses recently. In this paper,
we present results from two studies conducted with users of a
leading branchless banking service in India. Our first study
explores current practice with respect to transaction receipts
through interviews conducted with 67 users and 87 trans-
action observations. The study reveals a desire for robust
receipt delivery systems amongst users as well as a preva-
lence of insecure practices, which makes users susceptible to
fraud. The second study tests usability of receipt verification
protocols with 30 users and finds that despite their limited
education, users are able to distinguish between secure and
insecure interfaces for receipt verification and 37% of them
state a strong preference for the secure interface even though
it is evidently less convenient. |
en_US |