Title :
A two-factor mobile authentication scheme for secure financial transactions
Author :
Pietro, Roberto Di ; Me, Gianluigi ; Strangio, Maurizio A.
Author_Institution :
Dept. of Comput. Sci., La Sapienza Univ., Rome, Italy
Abstract :
Many authentication schemes are based on parties possessing cryptographic keys often held on smart cards or other tamper-proof devices. Modern portable devices (e.g. PDAs, Smartphones) are enriched with advanced functionalities and thus could soon become both the preferred portable computing device (thereby substituting laptop computers) and a personal trusted device. This paper presents a novel two-factor authentication scheme whereby a Bluetooth-enabled handheld device is used to enforce basic password-based authentication thus improving convenience and usability. The main building block is a simple and efficient two-party authentication protocol based on a shared string (including the case of low entropy human memorable passwords) and on well known cryptographic primitives. The discussion relates to the banking sector but our scheme is readily adaptable to other more general contexts.
Keywords :
Bluetooth; bank data processing; cryptography; message authentication; mobile computing; notebook computers; Bluetooth-enabled handheld device; banking sector; cryptographic keys; password-based authentication; personal trusted device; portable computing device; secure financial transactions; smart cards; two-factor mobile authentication scheme; two-party authentication protocol; Authentication; Cryptographic protocols; Cryptography; Entropy; Handheld computers; Personal digital assistants; Portable computers; Smart cards; Smart phones; Usability;
Conference_Titel :
Mobile Business, 2005. ICMB 2005. International Conference on
Print_ISBN :
0-7695-2367-6
DOI :
10.1109/ICMB.2005.12
