Two factor authentication using mobile phones
- 1 January 2009
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
This paper describes a method of implementing two factor authentication using mobile phones. The proposed method guarantees that authenticating to services, such as online banking or ATM machines, is done in a very secure manner. The proposed system involves using a mobile phone as a software token for one time password generation. The generated one time password is valid for only a short user-defined period of time and is generated by factors that are unique to both, the user and the mobile device itself. Additionally, an SMS-based mechanism is implemented as both a backup mechanism for retrieving the password and as a possible mean of synchronization. The proposed method has been implemented and tested. Initial results show the success of the proposed method.Keywords
This publication has 4 references indexed in Scilit:
- Fourth-factor authenticationPublished by Association for Computing Machinery (ACM) ,2006
- Two-factor authenticationCommunications of the ACM, 2005
- Mobile banking servicesCommunications of the ACM, 2004
- Payments and banking with mobile personal devicesCommunications of the ACM, 2003