Abstract
Over the decades, the security in mobile commerce application via One Time Password (OTP) plays a vital role. With new developments in mobile wallets, the volume of transactions increase globally and the need for securing transactions is still a challenging aspect. A strong user authentication mechanism is required since many of the attacks take minimum effort to break the security. User Authentication is a critical requirement since many of the attacks take minimum effort to break the security. Hence a novel cryptographic scheme is proposed to bridge the gap between security and authentication mechanisms. Initially, the scheme captures the user image to analyze the face for its structure, texture and feature identification. Once the image components are matched from the available template database user authentication is successful. To avoid conflict during template matching the face components are further subjected to segment location, radius and center of eyeballs at subpixellic accuracy. Iris matching is done via spatial histogram. If the iris information is similar, the Transaction Server (TS) generates OTP and sends it to the user mobile in order to complete the transaction. The proposed model is proven to be highly efficient against False Acceptance Rate (FAR) and False Rejection Rate (FRR) measures and is validated over Q- Fire dataset.
Similar content being viewed by others
References
Ajay AS (2013) Low power FPGA based elliptical curve cryptography. IOSR J Electron Commun Eng 6:11–14
Alheeti KMA (2011) Biometric iris recognition based on hybrid technique. Int J Soft Comput 2:1–9
Barker EB, Barker WC, Burr WE, Polk WT, Smid ME (2014) NIST Special Publication 800-57: Recommendation for Key Management Part 1: General (Revision 3), 2012: 1–147.
Cha B, Kim K, Na H (2008) Random password generation of OTP system using changed location and angle of fingerprint features. IEEE 2008 computer and information technology; 8–11 July 2008; Sydney, New South Wales, Australia. IEEE: 420–425
Chen CH, Chu TC (2006) Fusion of face and iris features for multimodal biometrics. In: Springer 2006 international conference on biometrics; Berlin, Heidelberg. Springer. 571–580
Daftry S, Dawar S (2012) Performance evaluation of transform based feature extraction methods for identity authentication system using fingerprint matching. Image 16:17–22
Iancu I, Constantinescu N, Colhon M (2010) Fingerprint’s identification using a fuzzy logic system. Int J Comput Commun Control 5:525–531
Johnson PA, Meyer PL, Sazonova N, Hua F, Schuckers S (2010) Quality in face and iris research ensemble (Q-FIRE). IEEE 2010 biometrics: theory applications and systems; 27–29 September 2010; Washington, DC, United States. IEEE: 1–6
Lee YS, Kim NH, Lim H, Jo H, Lee HJ (2010) Online banking authentication system using mobile-OTP with QR-code. In: IEEE 2010 Computer Sciences and Convergence Information Technology; Seoul, South Korea. IEEE: 644–648
Mahto D, Yadav DK (2013) Network security using ECC with biometric. Int Conf Heterogen Netw Quality, Reliability, Sec Robust 115:842–853
Nguyen K, Sridharan S, Denman S, Fookes C (2012) Feature-domain super-resolution framework for Gabor-based face and iris recognition. IEEE 2012 computer vision and pattern recognition; Providence, Rhode Island, United States. IEEE: 2642–2649
Ramalho MB, Correia PL, Soares LD (2012) Hand-based multimodal identification system with secure biometric template storage. IET Comput Vis 6:165–173
Richards G (2012) One-time password (OTP) pre-authentication. RFC 6560, April 2012
Sagayee GMA, Arumugam S, Mala GA (2013) Biometric encryption using enhanced fingerprint image and elliptic curve. Int J Electron Sec Digit Forens 5:110–123
Sheeba T, Justin Bernard M (2012) Survey on multimodal biometric authentication combining fingerprint and finger vein. Int J Comput Applic 51:55–60
Shreyal D, More P (2017) Implementation of VSK and arithmetic OTP verification for resisting shoulder surfing attack. Int J Sci Res 6:20–24
Tsai CL, Chen CJ, Zhuang DJ (2012) Secure OTP and biometric verification scheme for mobile banking. IEEE 2012 Mobile, Ubiquitous, and Intelligent Computing; Center for Secure information system, george mason university, Fairfax, VA, USA. IEEE: 138–141
Wang Y, Tieniu T, Jain AK (2003) Combining face and iris biometrics for identity verification. Springer 2003 Audio and Video-Based Biometric Person Authentication; Guildford, UK. Springer: 805–813
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Ramasamy, P., Ranganathan, V., Palanisamy, V. et al. Securing one-time password generation using elliptic-curve cryptography with self-portrait photograph for mobile commerce application. Multimed Tools Appl 79, 17081–17099 (2020). https://doi.org/10.1007/s11042-019-7615-3
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-019-7615-3