| Information | 卷:8 |
| Protecting Touch: Authenticated App-To-Server Channels for Mobile Devices Using NFC Tags | |
| Fernando Kaway Carvalho Ota1 Aleardo Manacero2 Michael Hölzl3 René Mayrhofer3 Michael Roland4 | |
| [1] Banco do Brasil S.A., 70790-125 Brasília, Brazil; | |
| [2] Department of Computer Science and Statistics, São Paulo State University—UNESP, 15054-000 São José do Rio Preto, Brazil; | |
| [3] Institute of Networks and Security, Johannes Kepler University Linz, 4040 Linz, Austria; | |
| [4] University of Applied Sciences Upper Austria, 4232 Hagenberg, Austria; | |
| 关键词: secure channel; two-factor authentication; Near Field Communication (NFC); Android; mobile security; | |
| DOI : 10.3390/info8030081 | |
| 来源: DOAJ | |
【 摘 要 】
Traditional authentication methods (e.g., password, PIN) often do not scale well to the context of mobile devices in terms of security and usability. However, the adoption of Near Field Communication (NFC) on a broad range of smartphones enables the use of NFC-enabled tokens as an additional authentication factor. This additional factor can help to improve the security, as well as usability of mobile apps. In this paper, we evaluate the use of different types of existing NFC tags as tokens for establishing authenticated secure sessions between smartphone apps and web services. Based on this evaluation, we present two concepts for a user-friendly secure authentication mechanism for mobile apps, the Protecting Touch (PT) architectures. These two architectures are designed to be implemented with either end of the spectrum of inexpensive and widely-available NFC tags while maintaining a reasonable trade-off between security, availability and cost.
【 授权许可】
Unknown
878987797
028-85220240
