User-to-Service Authentication Using Mobile Phones

Thumbnail Image

URL

Journal Title

Journal ISSN

Volume Title

Helsinki University of Technology | Diplomityö
Checking the digitized thesis and permission for publishing
Instructions for the author

Authors

Date

2006

Department

Tietotekniikan osasto

Major/Subject

Tietokoneverkot

Mcode

T-110

Degree programme

Language

en

Pages

(7) + 46

Series

Abstract

Nowadays, authentication is usually done by using username and password. They are common and can provide basic security and are also economical. On the other hand, research has shown that usernames and passwords are not secure enough in some situations and it is also hard to remember many passwords for many accounts or to remember strong passwords. Usernames, which map identities and secret passwords, are based solely on knowledge. Using solely knowledge for authentication utilizes only one factor which might lead to both security and usability drawbacks. A mobile phone and a SIM can be used as a physical, tangible authentication token that could be used in parallel with knowledge based authentication. This thesis investigates the technologies and authentication methods that are related to the usage of mobile phones for authenticating the users in Mobile Commerce context. Various technologies traditional username and password, graphical Password, Internet ID, "Using GSM to enhance E-commerce", and Generic Authentication Architecture are presented and evaluated against selected criteria for the Mobile Commerce context. The outcome of this thesis is the comparison and ranking of each technology against the criteria for the mobile commerce environment.

Description

Supervisor

Asokan, N.

Thesis advisor

Holmström, Ursula

Keywords

authentication, mobile phones, user-to-service, GSM, SIM, security, mobile commerce, usability

Other note

Citation

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-2020120553108

Collections

[dipl] Teknillinen korkeakoulu / TKK