Alternative Graphical Authentication for Online Banking Environments
Authors: Hussain Alsaiari, M. Papadaki, P. S. Dowland, Steven Furnell

Date: July 2014
Publication: Proceedings of the Eighth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2014)
Page(s): 122 - 136
Source 1: http://www.cscan.org/download/?id=954

Abstract or Summary:
Many financial institutes tend to implement a secure authentication mechanism through the utilization of the One-Time-Password (OTP) technique. The use of a hardware security token to generate the required OTP has been widespread. Despite the fact that this method provides a fairly high level of security, many systems have not taken into consideration the need for a secure alternative login method whenever the hardware token is unavailable. This paper discusses the authentication issues associated with current e-banking login implementations when the hardware security token is unavailable. The study was supported by a user survey to realize the constraints confronting the user while logging in to their online banking system. The result showed that many online banking users had multiple accounts and found carrying around several security tokens is inconvenience. Moreover, high proportion of the users had confidently accepted the concept of one-time graphical password as an alternative means of authentication. Therefore, a potential solution has been introduced along with a conceptual discussion. The proposal aims to consolidate several authentication mechanisms to unite their various advantages into one robust authentication system with consideration of usability. The composite mechanism comprises of a One-Time-Password combined with graphic-based authentication techniques.



Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index





[Home] [About Us] [News] [Research]

Copyright © 2019 PasswordResearch.com