A Secure Mobile-Based Authentication System for e-Banking
OTM '09 Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems: Part II
SIP authentication based on HOTP
ICICS'09 Proceedings of the 7th international conference on Information, communications and signal processing
Mobile Networks and Applications
Mobile one-time passwords: two-factor authentication using mobile phones
Security and Communication Networks
SMARTPROXY: secure smartphone-assisted login on compromised machines
DIMVA'12 Proceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Secure inspection of web transactions
International Journal of Internet Technology and Secured Transactions
WebCallerID: Leveraging cellular networks for Web authentication
Journal of Computer Security
Hi-index | 0.00 |
The number of different identities and credentials used for authentication towards services on the Internet has increased beyond the manageable. Still, the most common authentication scheme is based on usernames and passwords. This is a weak authentication mechanism, which can be broken by eavesdropping on the network connection or by sloppy handling by the users (e.g. re-use of the same password for different services, writing down the passwords on paper etc.). Also, management of user credentials is a costly task for most companies, estimated by IDC to around 200-300USD pr. user/year. Hence, better solutions for simplified, yet secure authentication, is required in the future. This paper proposes and describes an authentication scheme based on a One-Time Password (OTP) MIDlet running on a mobile phone for unified authentication towards any type of service on the Internet.