Title :
Secure and Inclusive Authentication with a Talking Mobile One-Time-Password Client
Author :
Fuglerud, Kristin S. ; Dale, Øystein
Author_Institution :
E-Inclusion team, Norwegian Comput. Centre, Norway
Abstract :
Cumbersome and complicated authentication procedures to access sensitive online services such as Internet banking can be a nuisance. For people with disabilities or the elderly, poorly designed identity management systems can preclude usage altogether. This article presents a secure and accessible multimodal authentication method to log in to an Internet banking service. The method uses a one-time-password (OTP) client installed on a mobile phone that replaces dedicated OTP generators. The client provides both visual and auditory output, and is based on an application approved for secure log-in to sensitive online services. It allows usage by people whose functional impairments adversely affect their ability to use existing solutions. The authors also discuss implications for development, and make several recommendations for designing usable and accessible security applications and solutions.
Keywords :
Internet; banking; handicapped aids; message authentication; mobile computing; Internet banking; OTP generators; identity management systems; inclusive authentication; online services; people with disabilities; talking mobile one-time-password client; Access control; Access protocols; Authentication; Mobile communication; Mobile handsets; authentication; human factors in software design; microcomputers; portable devices; security and privacy protection; usability testing; user interfaces;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2010.204
