3LS-authenticate: an e-commerce challenge-response mobile application.

Molla, Rania; Romdhani, Imed; Buchanan, Bill

3LS-authenticate: an e-commerce challenge-response mobile application.

Molla, Rania; Romdhani, Imed; Buchanan, Bill

Authors

Rania Molla

Dr Imed Romdhani I.Romdhani@napier.ac.uk
Associate Professor

Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor

Abstract

The rapid growth of e-commerce has been associated with a number of security concerns, which challenge its continual success. In view of this, an investigative study determining the most secure and convenient solution to protect online clients has been conducted. It was found that employing mobile phones to authenticate clients, through Out-Of-Band (OOB) communication channels, was the best solution to overcome security threats, such as Man-In-The-Browser (MITB) attacks. Therefore, a simple, yet highly secure, mobile application was developed to authenticate online clients within e-commerce applications using QR code capturing.
This paper introduces the “3LS-Authenticate” mobile-application, which captures an encrypted QR code from a server’s web-browser, and performs three levels of security to authenticate clients. It also presents results of verification of the proposed protocol, using the Scyther security protocol verification tool.

Citation

Molla, R., Romdhani, I., & Buchanan, B. (2016, November). 3LS-authenticate: an e-commerce challenge-response mobile application. Paper presented at 13th ACS/IEEE International Conference on Computer Systems and Applications AICCSA 2016

Presentation Conference Type	Conference Paper (unpublished)
Conference Name	13th ACS/IEEE International Conference on Computer Systems and Applications AICCSA 2016
Start Date	Nov 29, 2016
End Date	Dec 2, 2016
Acceptance Date	Aug 15, 2016
Deposit Date	Nov 10, 2016
Publicly Available Date	Jun 1, 2018
Keywords	Computer systems, applications,
Public URL	http://researchrepository.napier.ac.uk/Output/353515