In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
» Openaccess proceedings » Eighth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2014)
Eighth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2014)
Title: Alternative Graphical Authentication for Online Banking Environments
Author(s): Hussain Alsaiari, Maria Papadaki, Paul Dowland, Steven Furnell
Keywords: Alternative authentication, User authentication security, Online banking authentication, Graphical password, One-Time-Password
Abstract: Many financial institutes tend to implement a secure authentication mechanism through the utilization of the One-Time-Password (OTP) technique. The use of a hardware security token to generate the required OTP has been widespread. Despite the fact that this method provides a fairly high level of security, many systems have not taken into consideration the need for a secure alternative login method whenever the hardware token is unavailable. This paper discusses the authentication issues associated with current e-banking login implementations when the hardware security token is unavailable. The study was supported by a user survey to realize the constraints confronting the user while logging in to their online banking system. The result showed that many online banking users had multiple accounts and found carrying around several security tokens is inconvenience. Moreover, high proportion of the users had confidently accepted the concept of one-time graphical password as an alternative means of authentication. Therefore, a potential solution has been introduced along with a conceptual discussion. The proposal aims to consolidate several authentication mechanisms to unite their various advantages into one robust authentication system with consideration of usability. The composite mechanism comprises of a One-Time-Password combined with graphic-based authentication techniques.
Download count: 1686
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.