dLocAuth: a dynamic multifactor authentication scheme for mCommerce applications using independent location-based obfuscation

Kuseler, Torben; Lami, Ihsan Alshahib

doi:10.1117/12.918130

Cited by 1 publication

(1 citation statement)

References 10 publications

(13 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Currently, further schemes which combine the authentication factors with the LTE-LS provided location in a more robust ways are investigated. Also, the use of LTE-LS to securely and reliably generate location-based keys, for example to be used to protect mCommerce applications executed on Smartphones against illegitimate modification [14], are explored.…”

Section: Discussionmentioning

confidence: 99%

Location-assured, multifactor authentication on smartphones via LTE communication

2013

Self Cite

View full text Add to dashboard Cite

With the added security provided by LTE, geographical location has become an important factor for authentication to enhance the security of remote client authentication during mCommerce applications using Smartphones. Tight combination of geographical location with classic authentication factors like PINs/Biometrics in a real-time, remote verification scheme over the LTE layer connection assures the authenticator about the client itself (via PIN/biometric) as well as the client's current location, thus defines the important aspects of "who", "when", and "where" of the authentication attempt without eaves dropping or man on the middle attacks. To securely integrate location as an authentication factor into the remote authentication scheme, client's location must be verified independently, i.e. the authenticator should not solely rely on the location determined on and reported by the client's Smartphone. The latest wireless data communication technology for mobile phones (4G LTE, Long-Term Evolution), recently being rolled out in various networks, can be employed to enhance this location-factor requirement of independent location verification. LTE's Control Plane LBS provisions, when integrated with user-based authentication and independent source of localisation factors ensures secure efficient, continuous location tracking of the Smartphone. This feature can be performed during normal operation of the LTE-based communication between client and network operator resulting in the authenticator being able to verify the client's claimed location more securely and accurately. Trials and experiments show that such algorithm implementation is viable for nowadays Smartphone-based banking via LTE communication.

show abstract

Section: Discussionmentioning

confidence: 99%