Anti-Phishing by Smart Mobile Device

Author

Han, Weili ; Wang, Yi ; Cao, Ye ; Zhou, Jiping ; Wang, Lixing

Author_Institution

Fudan Univ., Shanghai

fYear

2007

fDate

18-21 Sept. 2007

Firstpage

295

Lastpage

302

Abstract

Phishing is a popular technique to thieve user´s authentication information, especially password. The key issue is that it is difficult for user to distinguish fake login user interface (LUI) from normal LUI. This paper introduces a novel method to anti-phish by smart device. In our method, a smart device pre-stores feature information of LUI. Before entering authentication information, a plug-in of Web browser at host side will verify the validation of LUI according to pre-stored LUI information. Bluetooth provides a communication channel between the plug-in and the smart device. Furthermore, the smart device can automatically fill the field of user ID and password to the LUI if LUI passes the verification of smart mobile device. Compared with other solutions, this solution can greatly improve the security of authentication.

Keywords

Bluetooth; authorisation; message authentication; mobile handsets; notebook computers; online front-ends; user interfaces; Bluetooth; Web browser; anti-phishing; authentication security; fake login user interface; password; personal digital assistant; smart mobile device; smart phone; user ID; user authentication; Authentication; Credit cards; Data engineering; Data security; Information security; Internet; Law; Mobile computing; Personal digital assistants; Web pages;

fLanguage

English

Publisher

ieee

Conference_Titel

Network and Parallel Computing Workshops, 2007. NPC Workshops. IFIP International Conference on

Conference_Location

Liaoning

Print_ISBN

978-0-7695-2943-1

Type

conf

DOI

10.1109/NPC.2007.68

Filename

4351500