The Vulnerability Of Sms Otp And The Risk Of Fake Bts Attacks On Mobile Banking Users In Indonesia
Abstract
. The Rapid Growth Of Mobile Banking Services In Indonesia Has Provided Unprecedented Convenience for financial transactions, yet it has also increased users’ exposure to cybersecurity threats. One of the most critical vulnerabilities is the use of Short Message Service-based One-Time Passwords (SMS OTP), which remain susceptible to interception and manipulation through Fake Base Transceiver Station (Fake BTS) or IMSI Catcher attacks. This study aims to provide an in-depth analysis of SMS OTP vulnerabilities and the risks posed by Fake BTS attacks within the context of mobile banking security, while also examining their impact on user trust and behavioral intention. The analysis explores attack mechanisms, potential exploitation paths, and implications for the integrity of financial transactions. Additionally, this research evaluates mitigation strategies, including multifactor authentication, biometric verification, end-to-end encryption, and the integration of artificial intelligence for threat detection. The findings indicate that SMS OTP has a high level of vulnerability due to weak protection within cellular networks, enabling attackers to intercept authentication codes and gain unauthorized access to user accounts. Furthermore, low cybersecurity awareness and high exposure to social engineering attacks amplify the risks faced by users. This study highlights the urgent need to strengthen mobile banking security architectures through technical enhancements, user education, and more adaptive regulatory frameworks. The results are expected to serve as a reference for users, financial institutions, and regulators in improving the resilience of digital banking security in Indonesia.
Keywords: SMS OTP; Fake BTS; Mobile Banking; Cybersecurity; Multi-Factor Authentication; IMSI Catcher; Encryption; Artificial Intelligence; Digital Security Risk.
Downloads
Published
Issue
Section
License
Open Access
HUMANIS (Humanities, Management and Science Proceedings) is a national peer reviewed and open access journal that publishes significant and important research from all area of agroindustry.
This journal provides immediate open access to its content that making research publish in this journal freely available to the public that supports a greater exchange of knowledge.
Copyright
Submission of a manuscript implies that the submitted work has not been published before (except as part of a thesis or report, or abstract); that it is not under consideration for publication elsewhere; that its publication has been approved by all co-authors. If and when the manuscript is accepted for publication, the author(s) still hold the copyright and retain publishing rights without restrictions. Authors or others are allowed to multiply article as long as not for commercial purposes. For the new invention, authors are suggested to manage its patent before published. The license type is CC-BY-SA 4.0.
Disclaimer
No responsibility is assumed by publisher and co-publishers, nor by the editors for any injury and/or damage to persons or property as a result of any actual or alleged libelous statements, infringement of intellectual property or privacy rights, or products liability, whether resulting from negligence or otherwise, or from any use or operation of any ideas, instructions, procedures, products or methods contained in the material therein.
