Open Access  Subscription or Fee Access

Authentication is the first line of defense against compromising confidentiality and integrity. Though traditional login/password based schemes are easy to implement, they have been subjected to several attacks. As an alternative, token and biometric based authentication systems were introduced. However, they have not improved substantially to justify the investment. Thus, a variation to the login/password scheme, viz. graphical scheme was introduced. But it also suffered due to shoulder-surfing and screen dump attacks. In this paper, we introduce a framework of our proposed (IPSPA) Implicit Passpoint Scheme for Password Authentication, which is immune to the Common attacks suffered by other authentication schemes and using mathematics techniques to reduce time complexity.

Graphical Password, Authentication, Mobile Banking, Security

Sabzevar, A.P. & Stavrou, A., 2008,” Universal Multi-Factor Authentication Using Graphical Passwords”, IEEE International Conference on Signal Image Technology and Internet Based Systems (SITIS).

Haichang, G., L. Xiyang, et al. (2009). “Design and Analysis of a Graphical Password Scheme”, Innovative Computing, Information and Control (ICICIC), 2009 Fourth International Conference on Graphical Passwords.

Pierce JD, Jason G. Wells, Matthew J. Warren, & David R. Mackay. (2003). “A Conceptual Model for Graphical Authentication”, 1st Australian Information security Management Conference, 24 Sept. Perth, Western Australia, paper 16.

Xiaoyuan, S., Z. Ying, et al. (2005). “Graphical passwords: a survey”, Computer Security Applications Conference, 21st Annual.

Wells, Jason; Hutchinson, Damien; and Pierce, Justin, "Enhanced Security for Preventing Man-in-the-Middle Attacks in Authentication, formation Security Management Conference. Paper 58.

Takada, T. and H. Koike (2003). “Awase-E: Image-Based Authentication for Mobile Phones Using User’s Favorite Images”, Human-Computer Interaction with Mobile Devices and Services, Springer Berlin / Heidelberg. 2795: 347-351.

Dirik, A. E., N. Memon, et al. (2007). “Modeling user choice in the PassPoints graphical password scheme”, Proceedings of the 3rd symposium on Usable privacy and security. Pittsburgh, Pennsylvania, ACM

Wei-Chi, K. and T. Maw-Jinn (2005). “A Remote User Authentication Scheme Using Strong Graphical Passwords”, Local Computer Networks, 2005. 30th Anniversary.

Lashkari, A. H., F. Towhidi, et al. (2009). “A Complete Comparison on Pure and Cued Recall-Based Graphical User Authentication Algorithms”, Computer and Electrical Engineering, 2009. ICCEE '09. Second International Conference.

Renaud, K. (2009)."On user involvement in production of images used in visual authentication." J. Vis. Lang. Comput. 20(1): 1-15.

Masrom, M., F. Towhidi, et al. (2009). “Pure and cued recall-based graphical user authentication”, Application of Information and Communication Technologies, 2009. AICT 2009. International Conference.

Birget, J. C., H. Dawei, et al. (2006). "Graphical passwords based on robust discretization", Information Forensics and Security, IEEE Transactions on 1(3): 395-399.

S. Wiedenbeck, J. Waters, J.C. Birget, A. Brodskiy, N. Memon, ``PassPoints: Design and longitudinal evaluation of a graphical password system'', International J. of Human-Computer Studies (Special Issue on HCI Research in Privacy and Security), 63 (2005) 102-127.

S. Wiedenbeck, J. Waters, J.C. Birget, A. Brodskiy, N. Memon, ``Authentication using graphical passwords: Effects of tolerance and image choice'', Symposium on Usable Privacy and Security (SOUPS), 6-8 July 2005, at Carnegie-Mellon Univ., Pittsburgh.