NFC Based Mobile Single Sign-On Solution as a Chrome Extension

Abstract

We describe the design and implementation of Single Sign-On authentication solution that uses a Near Field Communication enabled mobile phone. Such a solution relieves the users from remembering multiple username and passwords when authenticating themselves to various services on the internet. Mobile phones are today's ubiquitous computing devices, used for a wide variety of purposes including authentication, tracking, medical care, entertainment and electronic payment. The primary advantage of NFC technology is that since it uses short range communication, it inherently provides another level of security, and being contactless, it is easy to use. Our solution is seamlessly integrated into the Chrome browser via a browser extension that allows users easy authentication and management personal information on the phone. The Google Chrome extension is written in JavaScript; However, this code (JavaScript) when running in a browser, cannot access the system resources of the computer due to browser security restrictions. Therefore a program written as a Java applet is implemented to run in the user's computer. This applet, injected into the current web page by the extension, provides access to NFC Reader and supplies the bridge between Java and JavaScript. The user does not need to enter any account information, because it is retrieved from the phone via NFC and automatically submitted to the web login page.