摘要:Recently, convenience of mobile devices has been used for payment services such as Internet banking,electronic commerce, and transactions on the Stock Exchange. It is essential to ensure confidentiality,integrity and mutual authentication. The mutual authentication is of the utmost importance in terms ofsecurity in public networks. Until now, it has been difficult to protect against various attacks in the userauthentication method that used authentication means such as password / random number and unidirectionalfunction. In order to solve these security weaknesses, The QR_code authentication system using mobileapplication(BAS-MA) has been proposed to solve the limitations of passwords by using OTP on mobiledevices and to store information in QR codes. This method defines a protocol for generating andtransmitting QR codes to legitimate users. However, the structure of BAS_MA is vulnerable to MITMattack, pharming attack, and keylog attack. In this paper, I propose an authentication center based OTPmutual authentication system that can withstand various attacks by using OTP generation and QR code inmobile devices.
