Website Credential Storage and Two-Factor Web Authentication with a Java SIM
Abstract
In this paper two mobile website authentication
schemes are proposed. The first enables authentication credentials
(username and password) to be stored and retrieved securely from a
mobile handset, and requires no changes to existing websites. The second
scheme, which may optionally be used with the first, utilises a one-time
password and is intended for applications requiring an enhanced level of
authentication, e.g. financial services. Both authentication schemes use
a Java SIM and ubiquitous mobile phone; with its familiar and convenient
form factor and high user acceptance. Both schemes also provide
protection against online phishing attacks.
Origin | Files produced by the author(s) |
---|
Loading...