Enhancing the security of FinTech applications with map-based graphical password authentication

Weizhi Meng, L. Zhu, Wenjuan Li, Jinguang Han, Yan Li

Research output: Journal article publicationJournal articleAcademic researchpeer-review

36 Citations (Scopus)

Abstract

With the rapid development of information technology (IT) in financial industry, financial technology (FinTech) has become an emerging area for enterprises and organizations. Due to the wide adoption of IT, various FinTech applications are used by financial industry to help process information and offer financial services. Traditionally, textual passwords are the most widely deployed authentication mechanism, while having many known limitations. As a result, there is a need to enhance the security of FinTech authentication against cyber-criminals. As an alternative, graphical passwords (GPs) are considered as one promising solution to complement traditional password-based systems. In the literature, various GP schemes were proposed such as PassPoints, DAS, Cued Click Points, GeoPass, etc. In this work, we identify that multiple password inference has become a challenge for most GP schemes, and thus design RouteMap, a map-and route-based GP to further improve the security of FinTech applications. This scheme requires users to create a route on a world map as their credentials. In the evaluation, we involved a total of 120 participants, among which 60 of them have financial (FinTech) background, and investigated the performance of RouteMap by comparing it with two similar schemes. Our results demonstrate that participants can achieve better performance using RouteMap in the aspects of both authentication accuracy and multiple password memory. Our effort attempts to complement existing studies and stimulate more research on the combination of GP and FinTech.

Original languageEnglish
Pages (from-to)1018-1027
Number of pages10
JournalFuture Generation Computer Systems
Volume101
DOIs
Publication statusPublished - Dec 2019
Externally publishedYes

Keywords

  • FinTech application
  • Graphical passwords
  • Map passwords
  • Multiple password inference
  • Security and usability
  • User authentication

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Enhancing the security of FinTech applications with map-based graphical password authentication'. Together they form a unique fingerprint.

Cite this