Mobile Local Macropayments: Security and Prototyping
IEEE Pervasive Computing
Past, present and future of mobile payments research: A literature review
Electronic Commerce Research and Applications
Symmetric identity federation for fixed-mobile convergence
Proceedings of the 4th ACM workshop on Digital identity management
Robust Authentication Using Physically Unclonable Functions
ISC '09 Proceedings of the 12th International Conference on Information Security
Hi-index | 0.00 |
Many authentication schemes are based on parties possessing cryptographic keys often held on smart cards or other tamper-proof devices. Modern portable devices (e.g. PDAs, Smartphones) are enriched with advanced functionalities and thus could soon become both the preferred portable computing device (thereby substituting laptop computers) and a personal trusted device. This paper presents a novel two-factor authentication scheme whereby a Bluetooth-enabled handheld device is used to enforce basic password-based authentication thus improving convenience and usability. The main building block is a simple and efficient two-party authentication protocol based on a shared string (including the case of low entropy human memorable passwords) and on well known cryptographic primitives. The discussion relates to the banking sector but our scheme is readily adaptable to other more general contexts.