International Journal of Scientific & Technology Research

IJSTR@Facebook IJSTR@Twitter IJSTR@Linkedin
Home About Us Scope Editorial Board Blog/Latest News Contact Us

IJSTR >> Volume 5 - Issue 10, November 2016 Edition

International Journal of Scientific & Technology Research  
International Journal of Scientific & Technology Research

Website: http://www.ijstr.org

ISSN 2277-8616

Security Gaps In Authentication Factor Credentials

[Full Text]



Neeraj A. Sharma, Mohammed Farik



Authentication, Biometrics, Cards, Passwords, PIN, Retinal Scan



Authentication factors refer to user login credentials that a user supplies to an authentication process for it to decide whether to grant or deny access. While two-factor and three-factor authentication generally provides better security than one-factor authentication, the aim of this paper is to review, security in individual authentication factor credentials that are in use nowadays. These credentials will be discussed in factor categories – knowledge factor, possession factor, and inherence factor. The paper details current security gaps and some novel approaches to diminish the gaps in these authentication factors. We believe that our recommendations will inspire development of better authentication credentials and systems.



[1] M. Rouse. "What is authentication? - Definition from WhatIs.com.[online] SearchSecurity. ," 17 Sep. 2016, 2016; http://searchsecurity.techtarget.com/definition/authentication.

[2] CompTIA Network+, United States of America: Axzo Press, 2009.

[3] H. Abie. "Different Ways to Authenticate Users with the Pros and Cons of each Method.," 28 Sep. 2016, 2016; http://www.academia.edu/19482213/Different_Ways_to_Authenticate_Users_with_the_Pros_and_Cons_of_each_Method.

[4] Smartcardalliance.org. "Alliance Activities: Publications: Benefits of Smart Cards versus Magnetic Stripe Cards for Healthcare Applications » Smart Card Alliance.," 28 Sep. 2016, 2016; http://www.smartcardalliance.org/publications-benefits-of-smart-cards-versus-magnetic-stripe-cards-for-healthcare-applications/.

[5] Y. Wang. "Password Protected Smart Card and Memory Stick Authentication Against Off-line Dictionary Attacks.," 18 Sep.. 2016, 2016; https://eprint.iacr.org/2012/120.pdf

[6] J. Auth. "Fingerprint authentication | Authasas Advanced Authentication.," 23 Sep. 2016, 2016; http://www.authasas.com/products/diversity-of-supported-authentication-types-and-devices/biometric-authentication/.

[7] S. Xu, Li, M., Ding, J. and Cui, Y., Personal Identification by Fusing Hand Shape Geometry and Palmprint Features. , p.^pp. AMM, 278-280, pp.1228-1231., 2013.

[8] J. Trader. "Iris Recognition vs. Retina Scanning – What are the Differences?. [Blog] M2SYS Blog On Biometric Technology. ," 20 Sep. 2016, 2016; http://blog.m2sys.com/biometric-hardware/iris-recognition-vs-retina-scanning-what-are-the-differences/

[9] Wikipedia. "Speaker recognition.," 27 Sep. 2016, 2016; https://en.wikipedia.org/wiki/Speaker_recognition

[10] Biometric-solutions.com. "Face recognition.," 27 Sep. 2016, 2016; http://www.biometric-solutions.com/solutions/index.php?story=face_recognition

[11] K. D. A. S. Syed Navaz, “Signature Authentication Using Biometric Methods,” IJSR, vol. 5, no. 1, pp. pp.1581-1584., 2016.

[12] S. Mahnken, Today's authentication options: the need for adaptive multifactor authentication. Biometric Technology Today., p.^pp. pp.8-10, 2014.

[13] Biometrics.pbworks.com. "Biometrics / Advantages and disadvantages of technologies.," 28 Sep. 2016, 2016; http://biometrics.pbworks.com/w/page/14811349/Advantages%20and%20disadvantages%20of%20technologies

[14] J. a. T. Edgell, A. "4 Limitations of Facial Recognition Technology.," 28 Sep. 2016, 2016; http://www.fedtechmagazine.com/article/2013/11/4-limitations-facial-recognition-technology

[15] L. Myers, “An Exploration of Voice Biometrics,” SANS Institute, 2004.

[16] S. R. N. Pavešic, D. Ribaric, “Personal authentication using hand-geometry and palmprint features – the state of the art,” 2016.

[17] B. Q. M. Nguyen Minh Duc. "Your face is NOT your password Face Authentication By Passing Lenovo – Asus – Toshiba " 20 Oct, 2016, 2016; https://www.blackhat.com/presentations/bh-dc-09/Nguyen/BlackHat-DC-09-Nguyen-Face-not-your-password.pdf.

[18] D. L. Peter VARCHOL, “Using of Hand Geometry in Biometric Security Systems,” 2016.

[19] A. C. Bichlien Hoang. "Biometrics," 20 Oct. 2016, 2016; https://www.ieee.org/publications_standards/publications/authors/sample_biometrics_pdf.pdf.

[20] M. Farik, S. Ali, “Analysis Of Default Passwords In Routers Against Brute-Force Attack,” Internation Journal of Scientific & Technology Research, vol. 4, no. 09, pp. 341-345, 2015.

[21] P. S. Calculator. "Understanding Password Attacks," 19 Oct. 2016, 2016; http://passwordstrengthcalculator.org/.

[22] T. P. Meter. "Test Your Password," 19 Oct. 2016, 2016; http://www.passwordmeter.com/.

[23] TrackR. "Find Lost Items In Seconds," 19 Oct. 2016, 2016; https://www.thetrackr.com/.