Pick location security: Seamless integrated multi-factor authentication

Authentication is one of the key aspects of securing applications and systems alike. While in most existing systems this is achieved using usernames and passwords it has been continuously shown that this authentication method is not secure. Studies that have been conducted have shown that these systems have vulnerabilities which lead to cases of impersonation and identity theft thus there is need to improve such systems to protect sensitive data. In this research, we explore the combination of the user's location together with traditional usernames and passwords as a multi factor authentication system to make authentication more secure. The idea involves comparing a user's mobile device location with that of the browser and comparing the device's Bluetooth key with the key used during registration. We believe by leveraging existing technologies such as Bluetooth and GPS we can reduce implementation costs whilst improving security.

[1]  Chin-Chen Chang,et al.  A secure one-time password authentication scheme using smart cards without limiting login times , 2004, OPSR.

[2]  Navpreet Kaur,et al.  Robust login authentication using time-based OTP through secure tunnel , 2016, 2016 3rd International Conference on Computing for Sustainable Global Development (INDIACom).

[3]  Nai-Wei Lo,et al.  Dynamic multi-factor authentication for smartphone , 2016, 2016 IEEE 27th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC).

[4]  Dipankar Dasgupta,et al.  Toward the design of adaptive selection strategies for multi-factor authentication , 2016, Comput. Secur..

[5]  Vinod Pathari,et al.  Multi-factor authentication using threshold cryptography , 2016, 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[6]  Hisham Al-Assam,et al.  LocBiometrics: Mobile phone based multifactor biometric authentication with time and location assurance , 2010 .

[7]  Rachna Dhamija,et al.  The Seven Flaws of Identity Management: Usability and Security Challenges , 2008, IEEE Security & Privacy.

[8]  Yaqi Zhang,et al.  A Uniform Identity Authentication Method Based on Cookie Ticket , 2016, 2016 3rd International Conference on Information Science and Control Engineering (ICISCE).