Due to different factors like increasing computing power and inherent difficulties in finding safe and memorable passwords, password-based authentication is nowadays considered as insufficient and insecure. Increasingly, methods for two-factor authentication are being pushed by the industry and multiple standards in that domain have risen. In practice, these methods are often based on a hardware token, leading to new issues, for instance, increased costs and risks of loss. To alleviate these issues, we propose a protocol for online, two-factor authentication based on existing electronic machine readable travel documents (eMRTDs). The eMRTD online authentication protocol (MoA) provides a secure and intuitive option for log-in to web- and mobile applications using such documents, found in many countries today.

Published in: World Congress on Internet Security (WorldCIS-2017)

  • Date of Conference: 11-14 December 2017
  • DOI: 10.2053/WorldCIS.2017.0007
  • ISBN: 978-1-908320-81-0
  • Conference Location: University of Cambridge, UK