A Secure Method for Signing in Using Quick Response Codes with Mobile Authentication
This addresses privacy threats for users signing into web accounts from untrusted terminals, though it appears incremental as it builds on existing mobile authentication techniques.
The paper tackles the problem of secure web sign-in on unreliable terminals vulnerable to keyloggers by proposing a method using QR codes and mobile authentication, allowing users to authenticate sessions via their mobile devices.
The emerging threats to user privacy over the internet are increasing at an alarming rate. Signing in from an unreliable terminal into a web account may result in compromising private details of a user such as username and password, by means of keylogger software. Such software are capable of recording keystrokes secretly, via covert channels without the knowledge of the user. In this paper we propose a secure method for signing in using Quick Response (QR) codes with mobile authentication. Through this method, the user can securely sign-in into a web account by authenticating the user session on an unreliable terminal browser, using a mobile device.