Transparent Multifactor Authentication Algorithm Based on Geolocation

Carlos Javier Garcia-Trevino; Jesus Arturo Perez-Diaz; Cesar Vargas-Rosales; Mahdi Zareei

doi:10.1109/ACCESS.2024.3412691

IEEE Access (Jan 2024)

Transparent Multifactor Authentication Algorithm Based on Geolocation

Carlos Javier Garcia-Trevino,
Jesus Arturo Perez-Diaz,
Cesar Vargas-Rosales,
Mahdi Zareei

Affiliations

Carlos Javier Garcia-Trevino: ORCiD; School of Engineering and Sciences, Tecnologico de Monterrey, Monterrey, Mexico
Jesus Arturo Perez-Diaz: ORCiD; School of Engineering and Sciences, Tecnologico de Monterrey, Monterrey, Mexico
Cesar Vargas-Rosales: ORCiD; School of Engineering and Sciences, Tecnologico de Monterrey, Monterrey, Mexico
Mahdi Zareei: ORCiD; School of Engineering and Sciences, Tecnologico de Monterrey, Monterrey, Mexico

DOI: https://doi.org/10.1109/ACCESS.2024.3412691
Journal volume & issue: Vol. 12
pp. 84691 – 84705

Abstract

Read online

Mexico exhibits one of the highest rates of identity theft in relation to bank accounts, with 56% of cardholders encountering fraudulent processes. Consequently, financial institutions have elevated security measures in their authentication protocols and implemented more robust procedures. To address this issue, this study advocates a multifactor authentication approach wherein an algorithm incorporates the user’s location as a transparent authentication factor. Traditional multifactor authentication techniques typically necessitate intricate combinations of factors, including passwords, biometrics, external hardware, or time-based one-time passwords, to enhance security levels, albeit inadvertently introducing cumbersome steps. This research proposes a simple authentication implementation that retains the benefits of complex multifactor procedures -such as precision, accuracy, and security-, with the additional feature of utilizing an imperceptible location factor. The experimental phase encompasses the development of two functional prototypes: a software implementation on the Android environment -tested in 79 distinct locations-, and an implementation on Arduino hardware -tested in four locations-. These experiments were conducted in real-world scenarios, spanning a 21-day period, and involving data collection from different participants. The most significant result of this research is intricately linked to the runtime of each authentication process, where the average time elapsed from the user input stage to the completion of the validation section is 1.76 seconds. This time optimization is primarily attributed to the integration of native Android libraries. The findings demonstrate that it is possible to attain 100% accuracy for all secure locations with a 12-meter radius in 1.76 seconds in the case of the Android app. As for the Arduino-based security box, a 100% accuracy rate in all opening attempts is possible by employing a radius of 30 meters. The research endeavors to emphasize the versatility and applicability of the proposed solution for integration into diverse real-world scenarios where the preservation of data integrity holds utmost importance.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords