With the evolution of information technologies, mobile devices e.g., cell phone, personal digital assistant, and notebook PC have swamped all domains of the active life. At anytime and anywhere, they are in research of service to satisfy their immediate needs. The services are remotely provided and implemented in sites that verify the legitimacy of the user over an insecure communication channel. The mechanism that authenticates remote user and allows legitimate users to access network services over insecure communication network is known by remote user authentication. Smart card-based authentication is one of the most widely used and practical solutions to remote user authentication. In this paper, we propose a smart card-based authentication scheme that aims to provide more functionality to resist well-known attacks. It provides both user anonymity and mutual authentication in simple and efficient mechanism that can be applicable to limited resources. This mechanism can be suitable to ubiquitous computing environments in which a variety of wireless mobile devices with limited power and computation capacity are deployed. Copyright © 2015 John Wiley & Sons, Ltd.