Mutual authentication for cardless ATM withdrawal using location factor

Abstract

Many banks offer cardless ATMs, using a mobile banking application on the smartphone to overcome the high risk of attack with traditional PIN-based cards. Several pieces of research into cardless ATMs have focused on security strengthening, while others have focused on improving usability. Extra hardware devices may be required to increase both security and usability. This paper presents a location-based mutual authentication scheme. This technique combines both security and usability to achieve usable security without requiring additional hardware at the ATM machine. In addition, this paper analyses and discusses the security and usability issues of the proposed scheme, comparing with other systems using a simulation study. The results show that the proposed system has higher security levels with an equivalent standard of usability.