A two-factor mobile authentication scheme for secure financial transactions

Roberto Di Pietro, Gianluigi Me, Maurizio A. Strangio

Research output: Chapter in Book/Report/Conference proceedingConference contribution

21 Scopus citations


Many authentication schemes are based on parties possessing cryptographic keys often held on smart cards or other tamper-proof devices. Modern portable devices (e.g. PDAs, Smartphones) are enriched with advanced functionalities and thus could soon become both the preferred portable computing device (thereby substituting laptop computers) and a personal trusted device. This paper presents a novel two-factor authentication scheme whereby a Bluetooth-enabled handheld device is used to enforce basic password-based authentication thus improving convenience and usability. The main building block is a simple and efficient two-party authentication protocol based on a shared string (including the case of low entropy human memorable passwords) and on well known cryptographic primitives. The discussion relates to the banking sector but our scheme is readily adaptable to other more general contexts.
Original languageEnglish (US)
Title of host publication4th Annual International Conference on Mobile Business, ICMB 2005
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages7
ISBN (Print)0769523676
StatePublished - Jan 1 2005
Externally publishedYes

Bibliographical note

Generated from Scopus record by KAUST IRTS on 2023-09-20


Dive into the research topics of 'A two-factor mobile authentication scheme for secure financial transactions'. Together they form a unique fingerprint.

Cite this