Abstract : In this paper two mobile website authentication
schemes are proposed. The first enables authentication credentials
(username and password) to be stored and retrieved securely from a
mobile handset, and requires no changes to existing websites. The second
scheme, which may optionally be used with the first, utilises a one-time
password and is intended for applications requiring an enhanced level of
authentication, e.g. financial services. Both authentication schemes use
a Java SIM and ubiquitous mobile phone; with its familiar and convenient
form factor and high user acceptance. Both schemes also provide
protection against online phishing attacks.
https://hal.inria.fr/hal-01056084 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Thursday, August 14, 2014 - 5:54:17 PM Last modification on : Friday, August 11, 2017 - 3:13:01 PM Long-term archiving on: : Thursday, November 27, 2014 - 1:36:59 AM
Jonathan Hart, Konstantinos Markantonakis, Keith Mayes. Website Credential Storage and Two-Factor Web
Authentication with a Java SIM. 4th IFIP WG 11.2 International Workshop on Information Security Theory and Practices: Security and Privacy of Pervasive Systems and Smart Devices (WISTP), Apr 2010, Passau, Germany. pp.229-236, ⟨10.1007/978-3-642-12368-9_17⟩. ⟨hal-01056084⟩