Abstract:
The usage of Android smart phones is very popular now a days and dramatically
increasing around the globe since 2008. Android smart phones are
more powerful today than are and getting smarter day by day. It provides
rich functionality under one umbrella with state of the art hardware support.
It may contain data including personal or even sensitive information. Unauthorized
access of an Android device could be dangerous and prone to reveal
secret information. In smart phones a secure authentication mechanism is
required to protect user's privacy, crucial information or even access to critical
applications.
Android provides built-in authentication system typically knowledge based.
In some cases Androids built-in authentication system is vulnerable to several
attacks.
In this research, we propose SmartAuth, a secure and usable authentication
mechanism for NFC enabled Android devices using contactless smartcard.
The SmartAuth application provides ownership bases authentication
system using contactless smart-card via NFC in an Android device. The
SmartAuth uses industry standards encryption algorithms for secure authentication.
The proposed solution can be used in an Android device for authentication
purposes including but not limited to 1) lock screen, 2) lock an application,
3) login for applications and 4) multi-factor authentication using contactless
smartcard and Android device on web cloud. The proposed authentication
mechanism is implemented without any change in Android code.
