2020 IEEE European Symposium on Security and Privacy (EuroS&P) 2020
DOI: 10.1109/eurosp48549.2020.00043
|View full text |Cite
|
Sign up to set email alerts
|

SecurePay: Strengthening Two-Factor Authentication for Arbitrary Transactions

Abstract: General rightsCopyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights.• Users may download and print one copy of any publication from the public portal for the purpose of private study or research. • You may not further distribute the material or use it for any profit-making activity or commer… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
5
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
5
1
1

Relationship

0
7

Authors

Journals

citations
Cited by 7 publications
(5 citation statements)
references
References 41 publications
0
5
0
Order By: Relevance
“…SecurePay:Strengthening Two-Factor Authentication for Arbitrary Transactions [10]. The paper presents a novel approach, SecurePay, aimed at enhancing the security of two-factor authentication (2FA) on mobile phones, acknowledging the vulnerability of existing schemes where compromised phones can undermine the effectiveness of 2FA.…”
Section: Breaking Mobile Notification-based Authentication Withmentioning
confidence: 99%
“…SecurePay:Strengthening Two-Factor Authentication for Arbitrary Transactions [10]. The paper presents a novel approach, SecurePay, aimed at enhancing the security of two-factor authentication (2FA) on mobile phones, acknowledging the vulnerability of existing schemes where compromised phones can undermine the effectiveness of 2FA.…”
Section: Breaking Mobile Notification-based Authentication Withmentioning
confidence: 99%
“…Nevertheless, it (a) requires the client to store a sufficiently long secret key (on the mobile phone), (b) requires the laptop/PC that the client uses to be equipped with a camera, and (c) needs the mobile phone to invoke a hash function over a million times that can cause the phone's battery to run out fast. The protocol proposed in [21] mainly relies on a phone's TEE (i.e., ARM TrustZone technology) and messages that the server can directly send to the phone. Later, Imran et al [1] proposes a new protocol that also relies on a phone's TEE, but it improves the protocol presented in [21], in the sense that it is compatible with more android devices and supports biometric authentication too.…”
Section: Variants Of Otp Hardware Tokensmentioning
confidence: 99%
“…The protocol proposed in [21] mainly relies on a phone's TEE (i.e., ARM TrustZone technology) and messages that the server can directly send to the phone. Later, Imran et al [1] proposes a new protocol that also relies on a phone's TEE, but it improves the protocol presented in [21], in the sense that it is compatible with more android devices and supports biometric authentication too.…”
Section: Variants Of Otp Hardware Tokensmentioning
confidence: 99%
“…There are several forms of biometric geometry, such as facial recognition, digital recognition, voice recognition, signature recognition, and key or screen press patterns. According to Camp (Camp, 2004), the use of biometric technology to identify and digital authentication of individuals involves three distinct phases: Therefore when software has multi-factors it can be assumed that even if an attacker compromises one of the factors, the protection level is higher considering that the attacker will need to compromise the remaining factors (KOSE et al, 2020, Konoth et al, 2020. One of the benefits of adopting MFA is to provide a resilient form of user authentication and it appears to be a very cost-effective mechanism (KOSE et al, 2020).…”
Section: Additional Authentication Factormentioning
confidence: 99%
“…One of the benefits of adopting MFA is to provide a resilient form of user authentication and it appears to be a very cost-effective mechanism (KOSE et al, 2020). In addition to the initial authentication, the second authentication factor is used to protect other sensitive transactions, such as bank transfers (Konoth et al, 2020).…”
Section: Additional Authentication Factormentioning
confidence: 99%