A New Anti-phishing Method in OpenID

Following recent developments in digital environments, online services have become more diverse. Because of this, many users find it difficult to manage their ID and password. As such, there is a rising need for effective ID management systems. Among them, OpenID is a simple, light and user- centric ID management system. However, because of OpenID is vulnerable to phishing, so many measures being are taken to solve this problem, although no perfect anti-phishing method has so far been devised. In this paper, new anti-phishing methods using tokens and authentication e-mail are proposed. The suggested methods are based on the assumption that the number of OPs is small, and are hence safer from attack and easier to realize from the technical viewpoint than existing methods.