Website Credential Storage and Two-Factor Web Authentication with a Java SIM [chapter]

Jonathan Hart, Konstantinos Markantonakis, Keith Mayes
2010 Lecture Notes in Computer Science  
In this paper two mobile website authentication schemes are proposed. The first enables authentication credentials (username and password) to be stored and retrieved securely from a mobile handset, and requires no changes to existing websites. The second scheme, which may optionally be used with the first, utilises a one-time password and is intended for applications requiring an enhanced level of authentication, e.g. financial services. Both authentication schemes use a Java SIM and ubiquitous
more » ... mobile phone; with its familiar and convenient form factor and high user acceptance. Both schemes also provide protection against online phishing attacks.
doi:10.1007/978-3-642-12368-9_17 fatcat:ebb6mlcjsfeztfmjvdywvuydey