Two factor authentication using mobile phones

Aloul, Fadi; Zahidi, Syed; El-Hajj, Wassim

doi:10.1109/aiccsa.2009.5069395

Cited by 206 publications

(117 citation statements)

References 4 publications

Supporting

Mentioning

109

Contrasting

Order By: Relevance

“…This application emphasizes how a Mobile Token can be run without the initial authentication process first, so the process can be shortened to avoid the difficult process of authentication [12].…”

Section: Resultsmentioning

confidence: 99%

Dynamic Mobile Token for Web Security using MD5 and One Time Password Method

AgungJayarana¹,

Cahyawan²,

Sasmita³

2012

IJCA

View full text Add to dashboard Cite

Nowadays, websites have been converted from just a display of information into an online transaction in the form of goods, services, or money. With that development, the security of the website is also need to be tightened, not just rely on usernames and passwords but also to the dynamic code of the mobile token which is difficult to be cracked [1].Dynamic mobile token is an application which is planted in the mobile phone to generate a code that was formed by the method of one time password and can only be used for one login session or transaction. Each mobile token has a value in the "secret" variable that makes it unique or different from the others, to separate one user access transactions or personal page. General TermsWebsite Security, Mobile.

show abstract

Section: Resultsmentioning

confidence: 99%

Dynamic Mobile Token for Web Security using MD5 and One Time Password Method

AgungJayarana¹,

Cahyawan²,

Sasmita³

2012

IJCA

View full text Add to dashboard Cite

show abstract

“…In this paper, we have proposed an access control system based on the concept of two-factor authentication [1]. The proposed system utilizes NFC smartphone/device (i.e.…”

Section: Discussionmentioning

confidence: 99%

“…Once the access card is lost, anyone who is in the possession of the card could easily enter the premise illegally. In this paper, we propose an access control system based on the concept of two-factor authentication [1], a security process that provides two means of identification: one of which is typically something that the user has, and the other is typically something that the user wants to be memorize or know. The proposed system uses the concept of Near field communication (NFC) and stegnography to overcome the disadvantage exhibited by the access control system using the access card.…”

Section: Introductionmentioning

confidence: 99%

NFC Hardware Device Based Access Control System using Information Hiding

Muke¹,

Shinde²,

Mistry³

et al. 2015

International Journal of Innovative Research in Electrical, Ele

View full text Add to dashboard Cite

Abstract:In the fields of data security, access control is the selective restriction of access to a place or other resource. Digital Security access control systems are designed to avoid unauthorized entry. It will control one door in a single room or many arrivals in an entire building. This is truly the best way to limit or control access to certain areas and know who has been where and when. It is introduced as an alternative system to the most common access control system using physical keys, mechanical locks, digital keypads, digital access cards, biometric access control to increase the level of ease to access a statement. However, an intruder is able to gain access to the premise if he possesses the access card or the physical keys. We propose an access control system that utilizes near field communication (NFC) device information hiding technique using stegenography to overwhelmed the disadvantage mentioned previously on the existing systems.

show abstract

“…The CA calculates NK' B with the knowledge of the random challenge N and the stored biometric key of the client and decrypts the received message to extract the claimed mobile device location L MD and time T MD (8). The CA now can verify that the received time is up-to-date and requests the mobile device location at exactly that instant in time from the cellular network operators (9). The current mobile device location L' MD is obtained from the cellular network operator by basestation/cell tower triangulation and send back to the CA.…”

Section: Biometric-based Challenge / Response Location Verificationmentioning

confidence: 99%

“…Aloul and El-Hajj proposed in [9] to use a mobile phone as a software token, which generates a one-time password (OTP) based on unique phone identifiers (IMEI, IMSI) and a username/PIN. Time is included in the OTP to ensure the one-time property and to avoid the re-use of previously generated passwords.…”

Section: Background and Related Workmentioning

confidence: 99%

Privacy preserving, real-time and location secured biometrics for mCommerce authentication

et al. 2011

View full text Add to dashboard Cite

Secure wireless connectivity between mobile devices and financial/commercial establishments is mature, and so is the security of remote authentication for mCommerce. However, the current techniques are open for hacking, false misrepresentation, replay and other attacks. This is because of the lack of real-time and current-precise-location in the authentication process. This paper proposes a new technique that includes freshly-generated real-time personal biometric data of the client and present-position of the mobile device used by the client to perform the mCommerce so to form a real-time biometric representation to authenticate any remote transaction. A fresh GPS fix generates the "time and location" to stamp the biometric data freshly captured to produce a single, real-time biometric representation on the mobile device. A trusted Certification Authority (CA) acts as an independent authenticator of such client's claimed realtime location and his/her provided fresh biometric data. Thus eliminates the necessity of user enrolment with many mCommerce services and application providers. This CA can also "independently from the client" and "at that instant of time" collect the client's mobile device "time and location" from the cellular network operator so to compare with the received information, together with the client's stored biometric information. Finally, to preserve the client's location privacy and to eliminate the possibility of cross-application client tracking, this paper proposes shielding the real location of the mobile device used prior to submission to the CA or authenticators.

show abstract

Two factor authentication using mobile phones

Cited by 206 publications

References 4 publications

Dynamic Mobile Token for Web Security using MD5 and One Time Password Method

Dynamic Mobile Token for Web Security using MD5 and One Time Password Method

NFC Hardware Device Based Access Control System using Information Hiding

Privacy preserving, real-time and location secured biometrics for mCommerce authentication

Contact Info

Product

Resources

About