A visual one-time password authentication scheme using mobile devices

Yang Wai Chow, Willy Susilo, Man Ho Allen Au, Ari Moesriami Barmawi

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

9 Citations (Scopus)


The use of passwords for user authentication has become ubiquitous in our everyday lives. However, password theft is becoming a common occurrence due to a variety of security problems associated with passwords. As such, many organizations are moving towards adopting alternative solutions like one-time passwords, which are only valid for a single session. Nevertheless, various one-time password schemes also suffer from a number of drawbacks in terms of their method of generation or delivery. This paper presents the design of a challenge-response visual one-time password authentication scheme that is to be used in conjunction with the camera on a mobile device. The main purpose of the proposed scheme is to be able to send a challenge over a public channel for a user to obtain a session key, while safeguarding the user’s long-term secret key. In this paper, we present the authentication protocol, the various design considerations and the advantages provided by the scheme.
Original languageEnglish
Title of host publicationInformation and Communications Security - 16th International Conference, ICICS 2014, Revised Selected Papers
PublisherSpringer Verlag
Number of pages15
ISBN (Print)9783319219653
Publication statusPublished - 1 Jan 2015
Event16th International Conference on Information and Communications Security, ICICS 2014 - Hong Kong, Hong Kong
Duration: 16 Dec 201417 Dec 2014

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference16th International Conference on Information and Communications Security, ICICS 2014
Country/TerritoryHong Kong
CityHong Kong


  • Authentication
  • Mobile device
  • One-time password
  • Visual cryptography

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'A visual one-time password authentication scheme using mobile devices'. Together they form a unique fingerprint.

Cite this