A Multifactor Authentication Model to Mitigate the Phishing Attack of E-Service Systems from Bangladesh Perspective

Abstract

A new multifactor authentication model has been proposed for Bangladesh taking cost-effectiveness in primary concern. We considered two-factor authentications in our previous e-service models which were proven to be insufficient in terms of phishing attack. Users often fail to identify phishing site and provide confidential information unintentionally, resulting in a successful phishing attempt. As a result, phishing can be considered as one of the most serious issues and required to be addressed and mitigated. Three factors were included to form multifactor authentication, namely, user ID, secured image with caption, and one-time password. Through the survey, the proposed multifactor model is proven to be better by 59% points for total users which comprises 55% points for technical users and 64% points for nontechnical users in comparison to traditional two-factor authentication model. Since the results and recommendations from the user were reflected in the model, user satisfaction was achieved.