Top

Published in:

2019 | OriginalPaper | Chapter

Implementing Fingerprint Recognition on One-Time Password Device to Enhance User Authentication

Authors : Xiaochun Cheng, Andreas Pitziolis, Aboubaker Lasebae

Published in: Cyberspace Safety and Security

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The banking sector uses One-Time Passwords (OTPs) to provide extra user authentication in contrast to basic security methods used, such as the “Card and PIN” or “online username and password”. There have been several known attacks against OTPs, this paper provides an addition to the authentication process by the use of biometric authentication, such as fingerprint recognition. Finally, the solution is implemented by designing a smart IoT device using Arduino Uno, Fingerprint Sensor, RFID Card Reader and SIM/GSM/GPRS Shield.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter A Fine-Grained Authorized Keyword Secure Search Scheme in the Cloud Computing

next chapter A Secure Authentication Scheme Based on Chen’s Chaotic System and Finger Vein’s Auxiliary Data

First Data, (2015). Cards and Payments: Seeing Past the Hi-Tech Hype. First Data

Prabhakar, S., Pankanti, S., Jain, A.: Biometric recognition: security and privacy concerns. IEEE Secur. Priv. Mag. 1(2), 33–42 (2003)CrossRef

Valavan, T., Kalaivani, R.: Biometric authentication system using finger vein. Int. J. Comput. Sci. Mob. Appl. 2, 50–55 (2014)

González-Agulla, E., Otero-Muras, E., García-Mateo, C., Alba-Castro, J.: A multiplatform Java wrapper for the BioAPI framework. Comput. Stand. Interfaces 31(1), 186–191 (2009)CrossRef

Vacca, J.: Biometric Technologies and Verification Systems. Butterworth-Heinemann/Elsevier, Amsterdam (2007)

Woodward, J., Orlans, N., Higgins, P.: Biometrics. McGraw-Hill/Osborne, New York (2003)

Barral, C.: Biometrics & Security: Combining Fingerprints, Smart Cards and Cryptography. Ph.D. École Polytechnique Fédérale de Lausanne (2010)

Jain, A., Nandakumar, K., Nagar, A.: Fingerprint template protection: from theory to practice. In: Campisi, P. (ed.) Security and Privacy in Biometrics, pp. 187–214. Springer, Heidelberg (2013). https://doi.org/10.1007/978-1-4471-5230-9_8CrossRef

Nanavati, S., Thieme, M., Nanavati, R.: Biometrics. Wiley, New York (2002)

10.

Bazen, A.: Fingerprint identification - feature extraction, matching, and database search. Ph.D. (2002)

11.

Bolle, R.: Guide to Biometrics. Springer, New York (2011). https://doi.org/10.1007/978-1-4757-4036-3CrossRef

12.

Ku, W.C., Tasi, H.C., Tsaur, M.J.: Stolen-verifier attack on an efficient smartcard-based one-time password authentication scheme. IEICE Trans. Commun. E87-B(8), 2374–2376 (2005)

13.

Karovaliya, M., Karedia, S., Oza, S., Kalbande, D.: Enhanced security for ATM machine with OTP and facial recognition features. Procedia Comput. Sci. 45, 390–396 (2015)CrossRef

14.

Smith, D., Wiliem, A., Lovell, B.: Face recognition on consumer devices: reflections on replay attacks. IEEE Trans. Inf. Forensics Secur. 10(4), 736–745 (2015)CrossRef

15.

Seo, S., Kang, W.: Technical status of otp & cases of introducing otp in domestic financial institutions. Korea Inst. Inf. Secur. Cryptol. 3(17), 18–25 (2007)

16.

Savvides, M.: Introduction to Biometric Technologies and Applications. [ebook] ECE & CyLab, Carnegie Mellon University (n.d.). https://users.ece.cmu.edu/~jzhu/class/18200/F06/L10A_Savvides_Biometrics.pdf

17.

Yoo, C., Kang, B., Kim, H.: Case study of the vulnerability of OTP implemented in internet banking systems of South Korea. Multimed. Tools Appl. 74(10), 3289–3303 (2014)CrossRef

18.

Qi, A., Shen, Y.: Design and research of a new secure authentication protocol in GSM networks. In: MATEC Web of Conferences, vol. 61, p. 03010 (2016)

19.

Burkholder, P.: SSL Man-in-the-Middle Attacks. SANS Institute 2002 (2002)

20.

Lawton, G.: Is it finally time to worry about mobile Malware? Computer 41(5), 12–14 (2008)CrossRef

21.

Villalba, J., Lleida, E.: Preventing replay attacks on speaker verification systems. In: 2011 Carnahan Conference on Security Technology (2011)

22.

Cain, C.: Analyzing Man-in-the-Browser (MITB) Attacks. SANS Institute (2014)

23.

O’Gorman, L.: Comparing passwords, tokens, and biometrics for user authentication. Proc. IEEE 91(12), 2021–2040 (2003)CrossRef

24.

Mavoungou, S., Kaddoum, G., Taha, M., Matar, G.: Survey on threats and attacks on mobile networks. IEEE Access, 4, pp. 4543–4572 (2016)

25.

Bayometric: Fingerprint vs. Finger-Vein Biometric Authentication (2017). https://www.bayometric.com/fingerprint-vs-finger-vein-biometric-authentication/

26.

Lin, C., Fan, K.: Biometric verification using thermal images of palm-dorsa vein patterns. IEEE Trans. Circuits Syst. Video Technol. 14(2), 199–213 (2004)CrossRef

27.

Gao, C., Lv, S., Wei, Y., Wang, Z., Liu, Z., Cheng, X.: An effective searchable symmetric encryption with enhanced security for mobile devices. IEEE Access 6, 38860–38869 (2018). ISSN 2169-3536

28.

Wang, C., Zhao, Z., Gong, L., Zhu, L., Liu, Z., Cheng, X.: A distributed anomaly detection system for in-vehicle network using HTM. IEEE Access 6(1), 9091–9098 (2018)CrossRef

29.

Wang, C., et al.: Accurate Sybil attack detection based on fine-grained physical channel information’. Sensors 18(3), 878, 23 p. (2018). ISSN 1424-8220

30.

Dinculeană, D., Cheng, X.: Vulnerabilities and limitations of MQTT protocol used between IoT devices, special issue “Access Control Schemes for Internet of Things” at Applied Sciences Journal published at MDPI 9(5), 848 (2019). https://doi.org/10.3390/app9050848

31.

Shi, F., Chen, Z., Cheng, X.: Behaviour Modelling and Individual Recognition of Sonar Transmitter for Secure Communication in UASNs. IEEE Access (2019). Online early preprint, Print ISSN: 2169-3536, Online ISSN: 2169-3536. https://doi.org/10.1109/ACCESS.2019.2923059

32.

Men, J., et al.: Finding sands in the eyes: vulnerabilities discovery in IoT with EUFuzzer on human machine interface. IEEE Access 7, 103751–103759 (2019)CrossRef

Title: Implementing Fingerprint Recognition on One-Time Password Device to Enhance User Authentication
Authors: Xiaochun Cheng
Andreas Pitziolis
Aboubaker Lasebae
Publisher: Springer International Publishing
Book: Cyberspace Safety and Security
Print ISBN: 978-3-030-37351-1

Electronic ISBN: 978-3-030-37352-8

Copyright Year: 2019
DOI: https://doi.org/10.1007/978-3-030-37352-8_39

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner