Implicit Secondary Authentication for Sustainable SMS Authentication
AbstractShort message service (SMS) is the most widely adopted multi-factor authentication method for consumer-facing accounts. However, SMS authentication is susceptible to vulnerabilities such as man-in-the-middle attack, smishing, and device theft. This study proposes implicit authentication based on behavioral pattern of users when they check an SMS verification code and environmental information of user proximity to detect device theft. User behavioral pattern is collected by using the accelerometer and gyroscope of a smart device such as a smartphone and smart watch. User environmental information is collected using device fingerprint, wireless access point, Bluetooth, and global positioning system information. To evaluate the performance of the proposed scheme, we perform experiments using a total of 1320 behavioral and environmental data collected from 22 participants. The scheme achieves an average equal error rate of 6.27% when using both behavioral and environmental data collected from only a smartphone. Moreover, it achieves an average equal error rate of 0% when using both behavioral and environmental data collected from a smartphone and smart watch. Therefore, the proposed scheme can be employed for more secure SMS authentication. View Full-Text
Share & Cite This Article
Ryu, G.; Kim, S.-H.; Choi, D. Implicit Secondary Authentication for Sustainable SMS Authentication. Sustainability 2019, 11, 279.
Ryu G, Kim S-H, Choi D. Implicit Secondary Authentication for Sustainable SMS Authentication. Sustainability. 2019; 11(1):279.Chicago/Turabian Style
Ryu, Gwonsang; Kim, Seung-Hyun; Choi, Daeseon. 2019. "Implicit Secondary Authentication for Sustainable SMS Authentication." Sustainability 11, no. 1: 279.
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.