Abstract

Validation of user’s authenticity through authentication played a crucial role to address risks and security issues in today's connected world. Among different authentication methods, OTP sent via SMS was identified as the most commonly used multi-factor authentication mechanism. However, studies have shown that it has not remained attack-proof. It has been branded to be vulnerable to SMiShing, a technique comparable to Internet phishing, and Eavesdropping accomplished through keylogging, screens capturing, shoulder surfing and other social engineering practices. This study introduced an innovative approach to secure SMS-based OTP against its threats through OTP encryption using modified Blowfish algorithm. A mobile application was also employed for capturing and processing encrypted SMS-based OTP to produce new OTP for verification, thus performing end-to-end OTP. Experimentation results and analysis revealed that the proposed architecture was free against the said vulnerabilities and promote tighter security, making it a good alternative for SMS-based OTP multi-factor authentication.

Details

Title
Enhanced Multi-factor Out-of-Band Authentication En Route to Securing SMS-based OTP Ariel
Author
Reyes, Ariel Roy L; Festijo, Enrique D; Medina, Ruji P
Pages
145-154
Section
Articles
Publication year
2019
Publication date
Mar 26, 2019
Publisher
Taiwan Association of Engineering and Technology Innovation
ISSN
22235329
e-ISSN
2226809X
Source type
Scholarly Journal
Language of publication
English
ProQuest document ID
2203257838
Copyright
© 2019. This work is published under http://creativecommons.org/licenses/by-nc/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.