Author : Rakshit Ogra 1
Date of Publication :7th March 2016
Abstract: The process of authorizing an individual is usually based on username and password and also by using message based system. A remote authentication system is handled generally through remote systems itself without any manual / operator assistance. Presently there are many authentication mechanisms deployed on various applications on the internet which deal with financial transactions. In a transaction involving payment through credit card, authentication involves entering credit card, authentication involves entering credit card number, name on the card, Card Verification Value (CVV) number, expiry date. Further to this OTP (One Time Password) is used in which person to be authenticated can have access is required to enter a code which is provided by remote systems to user on his mobile phone. CAPTCHA (Completely Automated Procedure to Tell Computers and Humans Apart) is used for the authentication. The proposed system is an interactive remote authentication system which can be deployed in addition to the broadly available authentications only for high value and critical financial transactions. This involves verification / authentication of remote user by human operator on the authentication system-end. This involves two levels of authenticating remote user. At the first level remote user is asked to capture his image using webcam or any other camera (Mobile) and then send the image to the system. The human operator on system-end verifies the captured image of the remote user comparing it with the image stored in the system database. If it matches, the second level of verification is initiated by human operator. Human operator will ask the remote user to perform some action such as turn face left, right or up, touch your nose, remove the cap, etc. and capture the picture of his modified face as per an instruction and send to human operator. If the new image is as per an instruction of human operator that verifies the remote user is authenticated.
Reference :
-
- Browser Fingerprinting and the Online –Tracking Arms Race” An IEEE paper on Fingerprinting biometrics “ (http://spectrum.ieee.org/computing/software/browserfingerprinting-and-the-onlinetracking-arms-race)
- “An Insight into Fingerprinting” (http://www.ieee.org/about/technologies/emerging/fingerpr inting.pdf)
- “Authentication For Remote Logins(r login)” (https://docs.oracle.com/cd/E19455-01/805- 7229/remotehowtoaccess-27053/index.html)
- “AVISPA- An Automated Validation Of Internet Security Protocols and Applications” – by Alessandro Armando, David Basin, Jorge Cuellar, Michael Rusinowitch and Luca Vigno (http://www.ercim.eu/publication/Ercim_News/enw64/arm ando.html)
- “RADIUS- Remote Authentication Dial-In User Service” (http://searchsecurity.techtarget.com/definition/RADIUS)
- “Search Personal Authentication through Remote System For E-Transactions (SPARSE)” (http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber= 6734913)