Skip to main content
SpringerLink
Log in

Securing one-time password generation using elliptic-curve cryptography with self-portrait photograph for mobile commerce application

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

Over the decades, the security in mobile commerce application via One Time Password (OTP) plays a vital role. With new developments in mobile wallets, the volume of transactions increase globally and the need for securing transactions is still a challenging aspect. A strong user authentication mechanism is required since many of the attacks take minimum effort to break the security. User Authentication is a critical requirement since many of the attacks take minimum effort to break the security. Hence a novel cryptographic scheme is proposed to bridge the gap between security and authentication mechanisms. Initially, the scheme captures the user image to analyze the face for its structure, texture and feature identification. Once the image components are matched from the available template database user authentication is successful. To avoid conflict during template matching the face components are further subjected to segment location, radius and center of eyeballs at subpixellic accuracy. Iris matching is done via spatial histogram. If the iris information is similar, the Transaction Server (TS) generates OTP and sends it to the user mobile in order to complete the transaction. The proposed model is proven to be highly efficient against False Acceptance Rate (FAR) and False Rejection Rate (FRR) measures and is validated over Q- Fire dataset.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

References

  1. Ajay AS (2013) Low power FPGA based elliptical curve cryptography. IOSR J Electron Commun Eng 6:11–14

    Article  Google Scholar 

  2. Alheeti KMA (2011) Biometric iris recognition based on hybrid technique. Int J Soft Comput 2:1–9

    Article  Google Scholar 

  3. Barker EB, Barker WC, Burr WE, Polk WT, Smid ME (2014) NIST Special Publication 800-57: Recommendation for Key Management Part 1: General (Revision 3), 2012: 1–147.

  4. Cha B, Kim K, Na H (2008) Random password generation of OTP system using changed location and angle of fingerprint features. IEEE 2008 computer and information technology; 8–11 July 2008; Sydney, New South Wales, Australia. IEEE: 420–425

  5. Chen CH, Chu TC (2006) Fusion of face and iris features for multimodal biometrics. In: Springer 2006 international conference on biometrics; Berlin, Heidelberg. Springer. 571–580

  6. Daftry S, Dawar S (2012) Performance evaluation of transform based feature extraction methods for identity authentication system using fingerprint matching. Image 16:17–22

    Google Scholar 

  7. Iancu I, Constantinescu N, Colhon M (2010) Fingerprint’s identification using a fuzzy logic system. Int J Comput Commun Control 5:525–531

    Article  Google Scholar 

  8. Johnson PA, Meyer PL, Sazonova N, Hua F, Schuckers S (2010) Quality in face and iris research ensemble (Q-FIRE). IEEE 2010 biometrics: theory applications and systems; 27–29 September 2010; Washington, DC, United States. IEEE: 1–6

  9. Lee YS, Kim NH, Lim H, Jo H, Lee HJ (2010) Online banking authentication system using mobile-OTP with QR-code. In: IEEE 2010 Computer Sciences and Convergence Information Technology; Seoul, South Korea. IEEE: 644–648

  10. Mahto D, Yadav DK (2013) Network security using ECC with biometric. Int Conf Heterogen Netw Quality, Reliability, Sec Robust 115:842–853

    Article  Google Scholar 

  11. Nguyen K, Sridharan S, Denman S, Fookes C (2012) Feature-domain super-resolution framework for Gabor-based face and iris recognition. IEEE 2012 computer vision and pattern recognition; Providence, Rhode Island, United States. IEEE: 2642–2649

  12. Ramalho MB, Correia PL, Soares LD (2012) Hand-based multimodal identification system with secure biometric template storage. IET Comput Vis 6:165–173

    Article  MathSciNet  Google Scholar 

  13. Richards G (2012) One-time password (OTP) pre-authentication. RFC 6560, April 2012

  14. Sagayee GMA, Arumugam S, Mala GA (2013) Biometric encryption using enhanced fingerprint image and elliptic curve. Int J Electron Sec Digit Forens 5:110–123

    Article  Google Scholar 

  15. Sheeba T, Justin Bernard M (2012) Survey on multimodal biometric authentication combining fingerprint and finger vein. Int J Comput Applic 51:55–60

    Google Scholar 

  16. Shreyal D, More P (2017) Implementation of VSK and arithmetic OTP verification for resisting shoulder surfing attack. Int J Sci Res 6:20–24

    Google Scholar 

  17. Tsai CL, Chen CJ, Zhuang DJ (2012) Secure OTP and biometric verification scheme for mobile banking. IEEE 2012 Mobile, Ubiquitous, and Intelligent Computing; Center for Secure information system, george mason university, Fairfax, VA, USA. IEEE: 138–141

  18. Wang Y, Tieniu T, Jain AK (2003) Combining face and iris biometrics for identity verification. Springer 2003 Audio and Video-Based Biometric Person Authentication; Guildford, UK. Springer: 805–813

Download references

Author information

Authors and Affiliations

  1. Department of Applied Mathematics and Computational Sciences, PSG College of Technology, Coimbatore, Tamil Nadu, India

    Priya Ramasamy

  2. Department of Biomedical Engineering, PSG College of Technology, Coimbatore, Tamil Nadu, India

    Vidhyapriya Ranganathan

  3. School of Information Technology and Engineering, VIT, Vellore, Tamil Nadu, India

    Venketesh Palanisamy

  4. Department of Mathematics and Computer Science, Faculty of Science, Beirut Arab University, Beirut, Lebanon

    Seifedine Kadry

Authors
  1. Priya Ramasamy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vidhyapriya Ranganathan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Venketesh Palanisamy
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Seifedine Kadry
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Seifedine Kadry.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ramasamy, P., Ranganathan, V., Palanisamy, V. et al. Securing one-time password generation using elliptic-curve cryptography with self-portrait photograph for mobile commerce application. Multimed Tools Appl 79, 17081–17099 (2020). https://doi.org/10.1007/s11042-019-7615-3

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-019-7615-3

Keywords

Search

Navigation