Change search
ReferencesLink to record
Permanent link

Direct link
Integration of BankID Services in a PhoneGap Based Mobile Application
Mid Sweden University, Faculty of Science, Technology and Media, Department of Information and Communication systems.
Mid Sweden University, Faculty of Science, Technology and Media, Department of Information and Communication systems.
2014 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

Security concerns became high with the rapid technology advancement andwith the open nature of the internet. BankID is the leading electronic identificationsystem in Sweden which is used by around 5 million people in a variety ofpublic and private services. BankID allows users to securely authenticate themselvesand digitally sign important documents and transactions over the internet.In 2011, BankID Security App was launched to be used in mobile smartphones and tablet computers. In this paper, different components of the PublicKey Infrastructure (PKI) which is a cryptographic technique that enables usersto safely communicate over the insecure internet has been studied in detail. Furthermore,a test BankID-integrated PhoneGap based app on the Android platformis implemented and a performance evaluation and security analysis wereperformed. The test implementation of the BankID-integrated app on theAndroid platform provides user authentication and digital signing functions.The implemented backend system consists of a server with digital certificateand a database. The performance test emphasizes on the measurement of the accesstime between the components of the system and usability of the application.Access time measurement includes a reasonable amount of time in whichthe user is able to perform different activities in the system. In usability assessmentnumber of actions to perform a certain task and the ease of the user interfacehas been taken into consideration. The security analysis aims to identifypotential security flaws in the system and discuss possible solutions. The potentialsecurity risks we identified during the implementation of the system are theman-in-the-middle-attack, the Heartbleed bug, losing the mobile device andphysical access to the backend system. The potential security risks in the systemwere examined with regard to severity and probability of occurrence. Finally,the thesis project has been discussed in terms of the future work and system expansions.The result of the thesis will be used as a base in production developmentby Dewire, the company for which the thesis work has been conducted.

Place, publisher, year, edition, pages
2014. , 65 p.
Keyword [en]
Security, BankID, PhoneGap, PKI, Android
National Category
Computer Systems
URN: urn:nbn:se:miun:diva-22201OAI: diva2:725867
External cooperation
Subject / course
Computer Engineering DT1; Computer Engineering DT1
Educational program
Computer Science TDATG 180 higher education credits; Computer Science TDATG 180 higher education credits
2014-06-05, L408, Holmgatan 10, Sundsvall, 13:15 (English)
Available from: 2014-06-18 Created: 2014-06-17 Last updated: 2014-06-18Bibliographically approved

Open Access in DiVA

fulltext(774 kB)465 downloads
File information
File name FULLTEXT01.pdfFile size 774 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Eggestig, LarsWodajo, Mintesinot
By organisation
Department of Information and Communication systems
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 465 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 1243 hits
ReferencesLink to record
Permanent link

Direct link