International Journal of Emerging Technologies and Engineering (IJETE)

Volume 2 Issue 1, January 2015, ISSN 2348 8050

Securing Online Shopping System Using Visual Cryptography

Prof. D. B. Satre*, Varad Durugkar**, Akshay Ambekar***, AmitKumar Yadav****, Sudarshan Patil*****
*Department of Information Technology, MMIT, Savitribai Phule Pune University, Lohgaon
** MMIT, Savitribai Phule Pune University, Lohgaon
** MMIT, Savitribai Phule Pune University, Lohgaon
**** MMIT, Savitribai Phule Pune University, Lohgaon
***** MMIT, Savitribai Phule Pune University, Lohgaon

ABSTRACT
In todays world of internet, various online attacks has
been increased as well as spread and among them the
most famous and harmful attack is phishing. it is trying
by an individual person or a group to get personal secret
confidential information such as passwords, all types of
card information from unsuspecting victims for identity
theft, financial gain and other stolen activities. Fake
websites which appear very like to the original ones are
being hosted to gain this. Here an image based
authentication
using
Visual
Cryptography
is
implemented. The use of visual cryptography is traverse
to preserve the privacy of an image captcha by
decomposing means that original image captcha into two
shares (known as sheets) that are generated by bank
server. Original image captcha can be betrayed only
when both are simultaneously available. the individual
sheet images do not betray the identity of the original
image captcha. Once the original image captcha is
passed to the user it can be used as the password by user.
Using this website cross verifies its identity and proves
that it is a genuine website before the end users.by Using
(2,2) visual secret sharing scheme a secret image is
encrypted in shares which are meaningless images that
can be transmitted or distributed over an untrusted
communication channel.

bank accounts or arranging credit cards. Phishing is a

criminal mechanism that employs both social
engineering and technical subterfuge to steal consumers
personal identity data and financial account credentials.
We can use Visual cryptography in our project for
security purpose. For services such as Payment Service,
Financial and Retail Service are the most targeted
industrial sectors of phishing attacks. However, one
must still trust merchant and its employees not to use
consumer information for their own purchases and not to
sell the information to others. In our project there are
three parts that are Client, Merchant server, Bank server.

II.

PHISHING

What is Phishing? Phishing is a deceptive

communication.
Its
Facilitates
identity
theft
environment in website. Phishing is an analogy of
fishing bait. Fraudsters use deceptive email messages
that appear to be originating from legitimate businesses.
Phishing attacker key point is
Attacker sends an e-mail.
Internet user is re-directed to a mimicking
website to key in their personal identification
details.
The attacker will then use this information to
commit identity fraud.

Keywords - DBA, OTP , Phishing, VC.

I.

INTRODUCTION

Online shopping is the retrieval of product information

via the Internet and issue of purchase order through
electronic purchase request, filling of all card
information such as Credit card, debit card and shipping
of product by mail order or home delivery by courier.
Identity theft and phishing are the common dangers of
online shopping. Identity theft is the stealing of someone
identity in the form of personal information and misuse
of that information for making purchase and opening of

Effects of Phishing:
There are two main effect of phishing:
Inflicts financial losses
Corrodes consumer trust
There are so many phishing techniques.
Email / Spam
Web Based Delivery
Instant Messaging
Trojan Hosts

17
www.ijete.org

International Journal of Emerging Technologies and Engineering (IJETE)

Volume 2 Issue 1, January 2015, ISSN 2348 8050

5) Bank customer identification

Web Based Delivery: Web based delivery is one of

the most sophisticated phishing techniques. Also known
as man-in-the-middle, the hacker is finded in between
the original website and the phishing systems. The
phisher accessas well as traces details during a
transaction between the legitimate website and the user.
As the user continues to send information, it is gathered
and store by the phishers.

Types of visual cryptography

1) Halftone visual cryptography
2) Color visual cryptography
3) Visual Cryptography with Perfect Restoration
4) Multiresolution Visual Cryptography
5)
Progressive
Multiresolution
Visual
Cryptography

Instant Messaging: It is the method in which the user

receives a message with a link directing them to a fake
phishing website which has the similar look and feel as
the authorized website. If the user doesnt look at the
URL, it may be difficult to tell the difference between
the fraud and authorized websites. Then, the user is
asked to provide personal sensitive data on the page. for
phisher personal use they can use users stolen data.
III.

VISUAL CRYPTOGRAPHY

Visual cryptography is a cryptographic technique which

allows visual information (pictures, text, etc.) to be
encrypted in such a way that the decryption can be
performed by the human visual system. Visual
cryptography was pioneered by Moni Naor and Adi
Shamir in 1994. it is a special encryption technique to
conceal information in images in such a way that it may
be decrypted in front of the human vision if the correct
key image is used. VC uses two transparent images. in
visual cryptography decomposes the original image into
two parts know as share, image or captcha . First image
contains random Means without any method pixels and
the other image contains the secret information.
It is absolutely impossible to retrieve the secret
information from one image. Both transparent images
and layers are required to betray the information. if
anyone got the one image that is meaningless. Whenever
we combining two image or share means superimpose
of image then and only then we got the original image.
Using (2,2) visual secret sharing scheme a secret image
is encrypted.

Various visual cryptography applications are as

follow:
1) Biometric security
2) Watermarking
3) Steganography
4) Printing and scanning applications

Fig1: Visiual cryptography

IV.

ARCHITECTURE

In this Architecture there are three main parts that are

1) Client,
2) Merchant server
3) Bank server.

Client: Client is a person who wants to buy some

product online on merchant site, But it is necessary that
the person knows the merchant site is fraud or real. For
that user first enter OTP which can generate by bank and
then verify that merchant site is phishing or not. After
know that merchant site is real customer complete
further proceed and select or buy product.

Merchant Server: Merchant server hosts the original

website it consists of all the database of products it is
managed by DBA. It is registered with bank server.
Merchant verify if the user is authentic or not by using
Login functionality. Merchant sends its Server ID and
Unique Customer ID to bank server for verification
purpose. Adding removing products into cart. Managing
database of products. Also checking transactions that has
happened.
18

www.ijete.org

International Journal of Emerging Technologies and Engineering (IJETE)

Volume 2 Issue 1, January 2015, ISSN 2348 8050

Bank Server: Bank server verifies client and

merchant server using client UID or merchant id. Bank
server creating Hash Function for OTP. It divides OTP

into two shares. Bank sends OTP shares to merchant

and client. At last verify if OTP entered is correct or not.

Fig 2: System Architecture

V.

CONCLUSION

In this paper we present a method to protect user

from phishing website and avoid fraud of
money.Thus the system which we are providing will
initiate more secure online transaction that will lead to
increase the participation of clients.

REFERENCES

Visual Content-Based
Approach.
2011.

Anti-Phishing:

Bayesian

[3] Divya James and Mintu Philip. A novel anti phishing

framework based on visual cryptography international
journal of distributed and parallel systems. 2012.

[1] Souvik Roy and P. Venkateswaran. Online payment

system using steganography and visual
cryptography. IEEE Studentsa Conference on
Electrical, Electronics and Computer
Science, 2014.
[2] Tommy W. S. Chow Senior Member Haijun Zhang,
Gang Liu and Senior Member Wenyin Liu. Textual and
19
www.ijete.org