Abstract
The recent increase in smartphone supply drives more users to utilize mobile financial services and it magnifies the importance of mobile security solutions. But it is not easy to defend cyber-attacks against financial services because the attacks get more diverse every year. The recent solution, OTP (one time password), is the most commonly used financial security measure to defend session attacks, but the downside is that it is hard to implement differentiated OTP creation mechanism to it. This research intends to solve the problem by suggesting Two-Factor authentication mechanism that utilizes graphical OTP. It is an extension of OTP mechanism which implements the graphical one time password to mobile financial security to reinforce mobile's way of authenticating with only ID and Password or digital certificate from banks; and it will defend against more diverse mobile hackings.
Acknowledgements
This research was supported by the MKE (Ministry of Knowledge Economy), Korea, under the ‘Employment Contract based Master's Degree Program for Information Security’ supervised by the KISA (Korea Internet Security Agency).