scispace - formally typeset
Search or ask a question
Proceedings ArticleDOI

Secure multifactor authentication payment system using NFC

22 Jul 2015-pp 349-354
TL;DR: The proposed system which can be implemented as cross-platform mobile application, not only allows the user to make secure transactions, but also allows him/her to make transactions from his/her multiple accounts.
Abstract: The latest trend of making financial transactions is done by the use of cards or internet banking A person may have multiple bank accounts across several banks which makes it difficult for him/her to manage the transactions ie he/she either has to carry several cards or use a bunch of bank websites for accomplishing his/her transaction purposes This situation demands the need of a simple, secure and hi-tech system for achieving the purposes of making transactions We propose such a system that uses the latest technologies like NFC and multifactor authentication which can be used on any NFC enabled Smartphone The multi factor authentication system uses a 4-digit PIN as the knowledge factor, an NFC enabled Smartphone, instead of cards, as the possession factor and the face of the user as the inherence factor for the purpose of authentication The proposed system which can be implemented as cross-platform mobile application, not only allows the user to make secure transactions, but also allows him/her to make transactions from his/her multiple accounts
Citations
More filters
Journal ArticleDOI
26 Mar 2018
TL;DR: This paper surveys state-of-the-art multi-tier authentication techniques, their vulnerabilities, security threats and their solution proposed over the period of 2012-2016 to provide an easy and concise view of the underlying authentication model adapted by each approach.
Abstract: Security threats are major barriers in authentication process in Fog Computing. Identification of a user through single signon process like simple password-based authentications are no longer considered secure. Different multi-tier authentication schemes exist in literature that overcome the weakness of single sign-on. This paper surveys state-of-the-art multi-tier authentication techniques, their vulnerabilities, security threats and their solution proposed over the period of 2012-2016. We compare the performance of existing multi-tier authentication schemes on three parameters, i.e., cost, usability and level of security. Multi-tier authentication schemes have been categorized into groups according to the factors involved in the authentication process. Lastly, we aim to provide an easy and concise view of the underlying authentication model adapted by each approach

17 citations


Cites background from "Secure multifactor authentication p..."

  • ...Authentication scheme in [14] for financial transactions, which is using near field communication (NFC), biometric and PIN ....

    [...]

Proceedings ArticleDOI
01 Aug 2016
TL;DR: Tests in real world environment has demonstrated that the proposed automated attendance tracking system is characterised as high efficiency and accuracy in tracking attendance.
Abstract: Taking attendance has been widely used as a method to track students' academic behaviours. But conventional approaches are usually time consuming and inaccurate. In this paper, we have proposed an automated attendance tracking system, where students can use smartphones to submit attendance in parallel. Identity of a student is collaboratively verified by voiceprint and realtime location. Service isolation and token-based mechanism is applied specifically in the system as well, for the purpose of protecting users' privacy and the system's security. Tests in real world environment has demonstrated that our system is characterised as high efficiency and accuracy in tracking attendance.

16 citations


Additional excerpts

  • ...RFID technology was widely used in many scenes in our daily life from apartment security tags to payment card [3]....

    [...]

Journal ArticleDOI
TL;DR: The fraud detection ecosystem will provide a solution based on transaction risk-modeling, scoring transaction, business rule-based, and cross-field referencing, and the score-based evaluation method will analyze the transaction and reckon every transaction for fraud risk and take pertinent decision.
Abstract: The synthesis of NFC technology accompanying mobile payment is a state-of-the-art resolution for payment users. In view of rapid development in electronic payment system there is rise in fraudulent activity in banking transactions associated with credit cards and card-not-present transaction. M-Commerce aid the consumers and helps to bestow real-time information in payment system. Due to the familiarization of m-commerce there is cogent increase in the number of fraudulent activities, emerging in billions of dollar loss every year worldwide. To absolute the security breaches, payment transactions could be confined by considering various parameters like user and device authentication, consumer behavior pattern, geolocation and velocity. In this paper we formally assay NFC-enabled mobile payment fraud detection ecosystem using score-based evaluation method. The fraud detection ecosystem will provide a solution based on transaction risk-modeling, scoring transaction, business rule-based, and cross-field referencing. The score-based evaluation method will analyze the transaction and reckon every transaction for fraud risk and take pertinent decision.

4 citations


Cites background from "Secure multifactor authentication p..."

  • ...A multifactor authentication system was proposed to which knowledge factor is a 4-digit pin, possession factor is NFC-enabled Smartphone and inherence factor is the face of the user [25]....

    [...]

Journal ArticleDOI
02 Mar 2023-Sensors
TL;DR: In this article , a new concept of blockchain-based multi-factor authentication named "BAuth-ZKP" for securing smart city transactions is presented in the paper, which focuses on developing smart contracts between the participating entities within the smart city and performing the transactions with zero knowledge proof based authentication in a secure and privacy-preserved manner.
Abstract: The overwhelming popularity of technology-based solutions and innovations to address day-to-day processes has significantly contributed to the emergence of smart cities. where millions of interconnected devices and sensors generate and share huge volumes of data. The easy and high availability of rich personal and public data generated in these digitalized and automated ecosystems renders smart cities vulnerable to intrinsic and extrinsic security breaches. Today, with fast-developing technologies, the classical username and password approaches are no longer adequate to secure valuable data and information from cyberattacks. Multi-factor authentication (MFA) can provide an effective solution to minimize the security challenges associated with legacy single-factor authentication systems (both online and offline). This paper identifies and discusses the role and need of MFA for securing the smart city ecosystem. The paper begins by describing the notion of smart cities and the associated security threats and privacy issues. The paper further provides a detailed description of how MFA can be used for securing various smart city entities and services. A new concept of blockchain-based multi-factor authentication named “BAuth-ZKP” for securing smart city transactions is presented in the paper. The concept focuses on developing smart contracts between the participating entities within the smart city and performing the transactions with zero knowledge proof (ZKP)-based authentication in a secure and privacy-preserved manner. Finally, the future prospects, developments, and scope of using MFA in smart city ecosystem are discussed.

2 citations

References
More filters
Journal ArticleDOI
TL;DR: This work designs classifiers based on the well-known fisherface method and demonstrates that the proposed method comes with better performance when compared with other template-based techniques and shows substantial insensitivity to large variation in light direction and facial expression.

679 citations

Journal ArticleDOI
TL;DR: Two-factor authentication has been around for at least two decades, but it is only recently that they have received mass-market attention and some banks are issuing them to customers, and even more are talking about doing it.
Abstract: T wo-factor authentication isn't our savior. It won't defend against phishing. It's not going to prevent identity theft. It's not going to secure online accounts from fraudulent transactions. It solves the security problems we had 10 years ago, not the security problems we have today. The problem with passwords is that it is too easy to lose control of them. People give their passwords to other people. People write them down, and other people read them. People send them in email, and that email is intercepted. People use them to log into remote servers, and their communications are eavesdropped on. Passwords are also easy to guess. And once any of that happens, the password no longer works as an authentication token because you can never be sure who is typing in that password. Two-factor authentication mitigates this problem. If your password includes a number that changes every minute, or a unique reply to a random challenge, then it's difficult for someone else to intercept. You can't write down the ever-changing part. An intercepted password won't be usable the next time it's needed. And a two-factor password is more difficult to guess. Sure, someone can always give his password and token to his secretary, but no solution is foolproof. These tokens have been around for at least two decades, but it's only recently that they have received mass-market attention. AOL is rolling them out. Some banks are issuing them to customers , and even more are talking about doing it. It seems that corporations are finally recognizing the fact that passwords don't provide adequate security , and are hoping that two-factor authentication will fix their problems. Unfortunately, the nature of attacks has changed over those two decades. Back then, the threats were all passive: eavesdropping and offline password guessing. Today, the threats are more active: phishing and Trojan horses. Two new active attacks we're starting to see include: Man-in-the-Middle Attack. An attacker puts up a fake bank Web site and entices a user to that Web site. The user types in his password, and the attacker in turn uses it to access the bank's real Web site. Done correctly, the user will never realize that he isn't at the bank's Web site. Then the attacker either disconnects the user and makes any fraudulent transactions he wants, or passes along the user's banking transactions while making his own transactions at the same …

263 citations

Patent
26 Sep 2007
TL;DR: In this paper, a network element comprises one or more processors, and a memory module communicatively coupled to the processor, which, when executed by a processor, configure the processor to receive, via a first communication channel, a primary authentication request transmitted from a user from a first device.
Abstract: In one embodiment, a network element comprises one or more processors, and a memory module communicatively coupled to the processor. The memory module comprises logic instructions which, when executed by the processor, configure the processor to receive, via a first communication channel, a primary authentication request transmitted from a user from a first device, process the primary authentication request to determine whether the user is authorized to access one or more resources, in response to a determination that the user is authorized to access one or more resources, initiate, a secondary authentication request, and transmit the secondary authentication request from the network element to the user via a second communication channel, different from the first communication channel.

140 citations

Proceedings ArticleDOI
14 May 2012
TL;DR: This paper proposes a peer-to-peer based application that demonstrates the usage of NFC and Bluetooth technologies for money transaction between mobile devices and demonstrates the NFC availability for secure and easy communication and authentication in mobile applications.
Abstract: People continuously try to improve their quality of life and technologies have an important role on it Money transaction between mobile devices is bored and a difficult operation to perform since there is not a simple and safe way to do it Near field communication (NFC) is a new secure short-range wireless connectivity technology, can play an important role on this kind of issues, and it is very easy to use In upcoming years the NFC technology can offer an important contribution to simplify some daily operations, such as payments and money transactions This paper focused on NFC technology and proposes a peer-to-peer based application that demonstrates the usage of NFC and Bluetooth technologies for money transaction between mobile devices NFC technology is used with a simple gesture that triggers a lot of background operations A solution is proposed, evaluated, and demonstrated and it is ready for use It demonstrates the NFC availability for secure and easy communication and authentication in mobile applications

51 citations


"Secure multifactor authentication p..." refers background or methods in this paper

  • ...This is achieved by the implementation of Multifactor Authentication for the purpose of authentication of transactions and Near Field Communication (NFC) feature in smartphones for providing the ease of use to the users for making bank transactions....

    [...]

  • ...Nowadays, even mobile phones can be used as transport tickets, virtual vouchers or hypermarket loyalty/reward cards....

    [...]

Journal ArticleDOI
TL;DR: A brief introduction about the NFC and various applications and security issues is presented.
Abstract: Near Field Communication (NFC), an emerging short-range wireless point to point interconnection technology, with the combination of handheld electronic device has become a potential tool for the two devices to exchange various information when in close range. NFC unites various standards and proprietary technologies. This paper presents a brief introduction about the NFC and various applications and security issues.

40 citations