Mobile payment systems are pervasive; their design is driven by convenience and security. In this paper, we identify five common problems in existing systems: (i) specialist hardware requirements, (ii) no reader-to-user authentication, (iii) use of invisible channels, (iv) dependence on a client-server connection, and (v) no inherent fraud detection. We then propose a novel system which overcomes these problems, so as to mutually authenticate a user, a point-of-sale reader, and a verifier over a visual channel, using an embedded image token to transport information, while providing inherent unauthorised usage detection. We show our system to be resilient against replay and tampering attacks.
CITATION STYLE
Sturgess, J., & Martinovic, I. (2018). VisAuth: Authentication over a visual channel using an embedded image. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11261 LNCS, pp. 537–546). Springer Verlag. https://doi.org/10.1007/978-3-030-02641-7_28
Mendeley helps you to discover research relevant for your work.