Mobile User Authentication System for E-commerce Applications

Molla, R., Romdhani, I., Buchanan, W., Fadel, Etimad Y. (2014). Mobile User Authentication System for E-commerce Applications. In: (Ed.) International Conference on Advanced Networking, Distributed Systems and Applications 2014, , () ( ed.). (pp. ). : . IEEE.



E-commerce applications provide on-line clients and merchants with a quick and convenient way to exchange goods and services. However, the deployment of these applications is still facing many problems such as security threats; and on-line attacks. These often cause users to be concerned about their own privacy and encourage them to stop using on-line methods for exchanging goods and services. Thus, a number of on-line authentication technologies and methods have been developed in order to authenticate users and merchants, verify their identities, and therefore overcome e-commerce security threats. In particular, stand-alone authentication solutions have been successful in authenticating legitimate clients and in defeating on-line attacks. However, they are often weak in overcoming the Man-In-The-Browser (MITB) attack, which is a type of Internet threat that infects a web-browser in a concealed fashion, and is invisible to both client and host applications. Overall it is considered as one of the most advanced and dangerous threats that faces current authentication solutions.
This paper presents a Mobile User Authentication System (MUAS) that uses QR code technology to authenticate on-line users, through a challenge/response protocol. Based on this mechanism, the system integrates different authentication technologies and methods to provide an improved and secure on-line user and merchant authentication system that overcomes MITB attack, without compromising usability and ubiquity.
[Read More]


William Buchanan
Director of CDCS
+44 131 455 2759
Imed Romdhani
Associate Professor
+44 131 455 2726
Rania Molla
Research student
+44 131 455

Areas of Expertise

Our future society, and its economy, will be built within a seamless environment of networked information resources. IIDI's Network Theme has been created to meet the demands of this society. Dr Ahmed Al-Dubai leads the Network Theme, which seeks to develop local human capital in the fields of...

Associated Projects

    Keywords: security