A Theoretical Proposal of Two-Factor Authentication in Smartphones

Sammanfattning: Context. For a user to gain access to a protected resource on the web,the user needs to get authenticated. There are different forms of authenti-cation, among the most common is the ordinary user name and passwordscheme. This scheme is very simple to implement, but it suffers from se-curity vulnerabilities and requires the user to remember passwords to allaccounts. Two-factor authentication could be one answer to increase thesecurity where one-factor authentication is lacking. However, depending onthe implementation, two-factor authentication could still be insecure andeven more user-unfriendly. Objectives.  In this study, we investigate if our implementation of two-factor authentication has any advantages to existing ones. Our goal is topresent a secure and user-friendly authentication scheme that uses bothpassword and fingerprint. Methods. A literary study was performed in order to collect informationon similar systems and subjects in order to build a comparable authentica-tion model. The collected information and proposed model was then usedto analyze possible drawbacks and to answer research questions. Results. Results derive from the comparison between our proposed modeland two Google two-factor authentication solutions. Conclusions. The results yielded from the literary study and analysisshows that our proposed model does not add any advantages concerningsecurity. Our model does however provide better ease of use in comparisonwith similar two-factor authentication solutions from Google.