A novel OTP based tripartite authentication scheme
International Journal of Pervasive Computing and Communications
ISSN: 1742-7371
Article publication date: 19 August 2021
Issue publication date: 25 July 2022
Abstract
Purpose
Because of the continued use of mobile, cloud and the internet of things, the possibility of data breaches is on the increase. A secure authentication and authorization strategy is a must for many of today’s applications. Authentication schemes based on knowledge and tokens, although widely used, lead to most security breaches. While providing various advantages, biometrics are also subject to security threats. Using multiple factors together for authentication provides more certainty about a user’s identity; thus, leading to a more reliable, effective and more difficult for an adversary to intrude. This study aims to propose a novel, secure and highly stable multi-factor one-time password (OTP) authentication solution for mobile environments, which uses all three authentication factors for user authentication.
Design/methodology/approach
The proposed authentication scheme is implemented as a challenge-response authentication where three factors (username, device number and fingerprint) are used as a secret key between the client and the server. The current scheme adopts application-based authentication and guarantees data confidentiality and improved security because of the integration of biometrics with other factors and each time new challenge value by the server to client for OTP generation.
Findings
The proposed authentication scheme is implemented on real android-based mobile devices, tested on real users; experimental results show that the proposed authentication scheme attains improved performance. Furthermore, usability evaluation proves that proposed authentication is effective, efficient and convenient for users in mobile environments.
Originality/value
The proposed authentication scheme can be adapted as an effective authentication scheme to accessing critical information using android smartphones.
Keywords
Citation
Lone, S.A. and Mir, A.H. (2022), "A novel OTP based tripartite authentication scheme", International Journal of Pervasive Computing and Communications, Vol. 18 No. 4, pp. 437-459. https://doi.org/10.1108/IJPCC-04-2021-0097
Publisher
:Emerald Publishing Limited
Copyright © 2021, Emerald Publishing Limited