Implementing Existing Authentication Models In USSD Channel

Abstract

Unstructured Supplementary service data (USSD), a capability built-in Global System for Mobile Communication (GSM) mobile phones, is one of the technologies that make use of the direct PIN entry method. Sadly, the Direct PIN entry method is susceptible to shoulder surfing attacks. USSD technology is text-based, as a result, supports only authentication methods that are in plain text. As a result of this, existing user authentication models against shoulder surfing cannot be implemented on USSD technology. The user authentication model is an area of research interest as a result of the high level of insecurity associated with the proliferation of mobile-based services. The user authentication model has gained more research attention in recent years. Various authentication models against shoulder surfing attacks have been proposed, adopted, and implemented in recent years, yet the authentication model against shoulder surfing attacks that can be implemented in the USSD channel remains an area of research interest. Many existing Authentication models against Human shoulder surfing attacks are applications that use graphical, textual, and biometric (primary and soft) techniques that are based on, image display, image capturing, colors, and so on. In this paper, an attempt has been made to identify why a direct PIN entry method that is prone to attack is still implemented in the USSD channel while there are many strong authentication models against shoulder surfing attacks in existence. To do this, some existing authentication models against shoulder surfing attacks were analyzed and their model requirements identified.