Plymouth University Researchers Develop Advanced Security System For Online Banking
The current online banking system works on the basis of two step authentication where a combination of your password and an OTP that you receive on your cellphone is used. However, most of us keep our passwords ‘easy to remember’ thus making it easily predictable. So the two step authentication fails miserably if our phone is stolen and our password is easy to guess.
Now, although there are other, more secure methods than the traditional two-step process, but the problem with those are that they are highly expensive because they come with the need of deployment of huge and costly hardware systems. However, a team from Plymouth University in Britain have come up with a new method to authenticate users in case of online banking. The team says that their method is highly secure along with being quite inexpensive and also is easy to remember.
The system named ‘GOTPass System’ is developed in manner that it can be used in online banking or any such service where a user requires a password to authenticate himself. Here is how it will work. When the user first signs up, they will have to choose an unique username and draw a shape on 4x4 unlock pattern (yes, in a manner similar to the mobile devices). After this, the user will be assigned four fluky themes and they will be asked to choose 4 images, each one from a set of 30 images. After this, the user has finished the sign up procedure successfully.
Now, whenever the user logs in to the account, they will enter their username and draw the pattern that they have chosen. After this, the next screen will contain 16 images two of which will be from the four images that the user had chosen while signing up. Out of the remaining 14, six images will be similar to that of user’s actual image (associated distractors) and eight will be random decoys. Nope, it isn’t over yet. If the user identifies the image correctly, then an eight digit random code will be generated on the edges above the login panel which the user will need to type to gain access to their information (finally! phew).
Initial tests have shown that the system is easy to remember for users and of the 690 attempts of hacking, just 8 were successful and about 15 were achieved through coincidence. What will the system do if the user forgets even one of the information that he has to remember to login is not yet known.
Dr. Maria Papadaki from Plymouth University wrote in a paper that appeared in the Information Security Journal that they are now planning further tests to assess the long-term effectiveness of the GOTPass system and more detailed aspects of usability.
Via: #-Link-Snipped-#
Now, although there are other, more secure methods than the traditional two-step process, but the problem with those are that they are highly expensive because they come with the need of deployment of huge and costly hardware systems. However, a team from Plymouth University in Britain have come up with a new method to authenticate users in case of online banking. The team says that their method is highly secure along with being quite inexpensive and also is easy to remember.
The system named ‘GOTPass System’ is developed in manner that it can be used in online banking or any such service where a user requires a password to authenticate himself. Here is how it will work. When the user first signs up, they will have to choose an unique username and draw a shape on 4x4 unlock pattern (yes, in a manner similar to the mobile devices). After this, the user will be assigned four fluky themes and they will be asked to choose 4 images, each one from a set of 30 images. After this, the user has finished the sign up procedure successfully.
Now, whenever the user logs in to the account, they will enter their username and draw the pattern that they have chosen. After this, the next screen will contain 16 images two of which will be from the four images that the user had chosen while signing up. Out of the remaining 14, six images will be similar to that of user’s actual image (associated distractors) and eight will be random decoys. Nope, it isn’t over yet. If the user identifies the image correctly, then an eight digit random code will be generated on the edges above the login panel which the user will need to type to gain access to their information (finally! phew).
Initial tests have shown that the system is easy to remember for users and of the 690 attempts of hacking, just 8 were successful and about 15 were achieved through coincidence. What will the system do if the user forgets even one of the information that he has to remember to login is not yet known.
Dr. Maria Papadaki from Plymouth University wrote in a paper that appeared in the Information Security Journal that they are now planning further tests to assess the long-term effectiveness of the GOTPass system and more detailed aspects of usability.
Via: #-Link-Snipped-#
Replies
You are reading an archived discussion.
Related Posts
Both petrol & diesel are secondary fuels obtained from the primary fuel petroleum crude. But when they come to engines they play different role due to their chemical compositions. But...
Does anybody have any idea on DNS and DNSSEC hierarchy test bed setup and implementation.???
Cashing in on the Christmas weekend, Meizu has decided to put up the m2 on an open sale on Snapdeal. The Meizu m2 that arrived in the country last month...
URGENT!!!!! Guys need your help.
Could you please evaluate my profile for an MS in Comp science for fall 2016? GRE - 298,Toefl - 93, UG - BE in Information...
Chinese live program ‘Morning News’, has a new trainee anchor giving live weather reports. Only what makes this, a smashing news world over is the detail, that it is in...