Design of a multifactor authentication system for automated teller machines.

Thumbnail Image
Kibaya, Peter
Journal Title
Journal ISSN
Volume Title
The University of Zambia
This research aims to design a multi-factor authentication system for automated teller machines (ATMs) that incorporates biometric fingerprint data and One Time passwords. This is so as to reduce the impact and subsequent loss by customers to card frauds. Banking transactions conducted through automated teller machines (ATMs) are vulnerable to fraud and identity theft. Implementing multifactor authentication (MFA) can significantly improve the security of ATM transactions. ATM debit and credit cards are susceptible to theft and card cloning making them a conduit for malicious actors to defraud bank customers. In this design, we propose the use of fingerprint authentication and One Time Passwords (OTPs) as a second and third factor in the MFA process. By requiring the user to randomly provide any one of the 10 fingerprints, OTP and the 4-digit PIN, the risk of fraudulent transactions is greatly reduced. We present a detailed design for integrating fingerprint authentication technology and OTPs for transaction authentication, including user enrolment, fingerprint capture, and verification processes. Overall, the proposed MFA system using fingerprint authentication has the potential to greatly enhance the security of ATM transactions and protect against fraudulent activity. The design aims to capture customer fingerprint data upon account opening as well as an ongoing Know Your Customer (KYC) exercise and map these to customer accounts. Users are then authenticated through a randomised mechanism that picks any one of the 10 fingerprints samples at each authentication request, requests a PIN for final authentication and an OTP for transaction authorization.
Master of Engineering in Information and Communication Technology Security In the School of Engineering
Multi-factor authentication system. , Multi-factor authentication solutions. , Computer security. , Systems and data security.