Abstract—Over the past decade, security and privacy concerns about the growing deployment of biometrics as a proof of identity have motivated researchers to investigate solutions such as cancellable biometrics to enhance the security of biometric systems. However, the open nature of newly emerged mobile authentication scenarios has made these solutions impractical and necessitated the need for new innovative solutions. This paper proposes an effective authentication scheme for remote users on mobile-handsets. The proposal incorporates cancellable biometrics with actual mobile-handset location to produce a one-time authentication token. For added security, the location is obtained and verified via two independent sources, and the authentication token is robustly stamped by the transaction time to guarantee the liveliness. This makes the proposed scheme immune against replay and other remote fraudulent attacks. Trials and simulations based on using biometric datasets and real GPS/Cellular measurements show the viability of our scheme for unattended and mobile authentication.
Index Terms—mutual authentication, biometrics, location verification, multi-factor authentication
Cite: Hisham Al-Assam, Ihsan A. Lami, and Torben Kuseler, "Integrating Cancellable Biometrics with Geographical Location for Effective Unattended Authentication of Users of Mobile Devices," Journal of Communications, vol. 8, no. 11, pp. 780-787, 2013. doi: 10.12720/jcm.8.11.780-787
Copyright © 2013-2023 Journal of Communications, All Rights Reserved