3LS-authenticate: an e-commerce challenge-response mobile application.

Research Output

The rapid growth of e-commerce has been associated with a number of security concerns, which challenge its continual success. In view of this, an investigative study determining the most secure and convenient solution to protect online clients has been conducted. It was found that employing mobile phones to authenticate clients, through Out-Of-Band (OOB) communication channels, was the best solution to overcome security threats, such as Man-In-The-Browser (MITB) attacks. Therefore, a simple, yet highly secure, mobile application was developed to authenticate online clients within e-commerce applications using QR code capturing.
This paper introduces the “3LS-Authenticate” mobile-application, which captures an encrypted QR code from a server’s web-browser, and performs three levels of security to authenticate clients. It also presents results of verification of the proposed protocol, using the Scyther security protocol verification tool.

Type:

Conference Paper (unpublished)
Date:

29 November 2016
Publication Status:

Accepted
Library of Congress:

QA75 Electronic computers. Computer science
Dewey Decimal Classification:

005.4 Systems programming and programs

http://researchrepository.napier.ac.uk/output/353515 <p>Molla, R., Romdhani, I., & Buchanan, B. (2016, November). <i>3LS-authenticate: an e-commerce challenge-response mobile application</i>. Paper presented at 13th ACS/IEEE International Conference on Computer Systems and Applications AICCSA 2016, Agadir, Morocco</p>

Citation

Molla, R., Romdhani, I., & Buchanan, B. (2016, November). 3LS-authenticate: an e-commerce challenge-response mobile application. Paper presented at 13th ACS/IEEE International Conference on Computer Systems and Applications AICCSA 2016, Agadir, Morocco