SUAM: SoftCard User’s Authentication Model

This is a prototype of MSc. dissertation project on Two-factor User’s authentication over internet in the University of Greenwich, London.SUAM is a concept of user authentication protocol in card-not-present scenario over internet. It is one of the solutions to meet the regularity requirement of two-factor authentication in on-line banking or e-payment by credit/debit cards over internet. This concept i.e. using encrypted file as one of the factor, something you have in authentication model addresses the major issues of technologies: usability, user’s perception and portability. In this model by entering password, something she knows and attaching an encrypted file, something she has across internet a user perceives similar experience of Two-factor authentication as observed in card-present scenario while shopping in the supermarket or withdrawing cash from ATM machines. This concept uses the symmetrical encryption technology where a card issuer distributes an encrypted file in the e-mail, called SoftCard which conceals at least the hashed value of card number, password, nonce, and timestamp. This model authenticates the user by comparing the hashed value of password entered by user with the hashed value of password inside the SoftCard in the same way as the most of the POS does in a card present scenario.