Securing one-time password generation using elliptic-curve cryptography with self-portrait photograph for mobile commerce application

Abstract

Over the decades, the security in mobile commerce application via One Time Password (OTP) plays a vital role. With new developments in mobile wallets, the volume of transactions increase globally and the need for securing transactions is still a challenging aspect. A strong user authentication mechanism is required since many of the attacks take minimum effort to break the security. User Authentication is a critical requirement since many of the attacks take minimum effort to break the security. Hence a novel cryptographic scheme is proposed to bridge the gap between security and authentication mechanisms. Initially, the scheme captures the user image to analyze the face for its structure, texture and feature identification. Once the image components are matched from the available template database user authentication is successful. To avoid conflict during template matching the face components are further subjected to segment location, radius and center of eyeballs at subpixellic accuracy. Iris matching is done via spatial histogram. If the iris information is similar, the Transaction Server (TS) generates OTP and sends it to the user mobile in order to complete the transaction. The proposed model is proven to be highly efficient against False Acceptance Rate (FAR) and False Rejection Rate (FRR) measures and is validated over Q- Fire dataset.