Skip to main content

An Interface Between Legacy and Modern Mobile Devices for Digital Identity

  • Conference paper
  • First Online:
Emerging Technologies for Authorization and Authentication (ETAA 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 13136))

  • 522 Accesses

Abstract

In developing regions a substantial number of users rely on legacy and ultra-low-cost mobile devices. Unfortunately, many of these devices are not equipped to run the standard authentication or identity apps that are available for smartphones. Increasingly, apps that display Quick Response (QR) codes are being used to communicate personal credentials (e.g., Covid-19 vaccination certificates). This paper describes a novel interface for QR code credentials that is compatible with legacy mobile devices. Our solution, which we have released under open source licensing, allows Web Application Enabled legacy mobile devices to load and display standard QR codes. This technique makes modern identity platforms available to previously excluded and economically disadvantaged populations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 44.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 59.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Demonstration videos can be found at: https://tiny.cc/ETAA2021_demos and a sample implementation here: https://github.com/alan-turing-institute/grID.

References

  1. WAP Service Developer’s Guide for Nokia Series 30 Phones with WML Browser. Tech. rep., NOKIA (2003)

    Google Scholar 

  2. Automatic identification and data capture techniques - QR Code bar code symbology specification. Tech. rep., World Health Organisation (2015)

    Google Scholar 

  3. The Mobile Economy Sub-Saharan Africa 2020. Tech. rep., GSMA (2020)

    Google Scholar 

  4. EU Digital COVID Certificate Factsheet. Tech. rep., EU Commission (2021)

    Google Scholar 

  5. Interim guidance for developing a Smart Vaccination Certificate. Tech. rep., ISO/IEC (2021)

    Google Scholar 

  6. Two-dimensional code having rectangular region provided with specific patterns to specify cell positions and distinction from background, DENSO Wave Corporation (1994)

    Google Scholar 

  7. Baqer, K., Anderson, R., Mutegi, L., Payne, J.A., Sevilla, J.: Digitally: Piloting offline payments for phones. In: Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017), USENIX Association (2017). https://www.usenix.org/conference/soups2017/technical-sessions/presentation/baqer

  8. Baqer, K., Bezuidenhoudt, J., Anderson, R., Kuhn, M.: SMAPs: short message authentication protocols. In: Anderson, J., Matyáš, V., Christianson, B., Stajano, F. (eds.) Security Protocols 2016. LNCS, vol. 10368, pp. 119–132. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-62033-6_15

    Chapter  Google Scholar 

  9. Faltstrom, P., Ljunggren, F., Gulik, V.D.W.: The Base45 Data Encoding. Tech. rep, Active Internet-Draft, Network Working Group (2021)

    Google Scholar 

  10. Hughes, N., Lonie, S.: M-PESA: Mobile Money for the “Unbanked” Turning Cellphones into 24-Hour Tellers in Kenya. Technology, Governance, Globalization, Innovations (2007)

    Google Scholar 

  11. Jack, W., Suri, T.: Mobile money: The economics of m-pesa. Tech. rep, National Bureau of Economic Research (2011)

    Google Scholar 

  12. Krell, N.T., et al.: Smallholder farmers’ use of mobile phone services in central Kenya. Climate and Development (2021)

    Google Scholar 

  13. Krimpe, J.: Mobile ID: crucial element of m-government. In: Proceedings of the 2014 Conference on Electronic Governance and Open Society: Challenges in Eurasia. Association for Computing Machinery (2014)

    Google Scholar 

  14. Laud, P., Roos, M.: Formal analysis of the estonian Mobile-ID protocol. In: Jøsang, A., Maseng, T., Knapskog, S.J. (eds.) NordSec 2009. LNCS, vol. 5838, pp. 271–286. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04766-4_19

    Chapter  Google Scholar 

  15. Lei, Z., Nan, Y., Fratantonio, Y., Bianchi, A.: On the insecurity of SMS one-time password messages against local attackers in modern mobile devices. In: Proceedings of the 2021 Network and Distributed System Security Symposium (2021)

    Google Scholar 

  16. Ma, S., et al.: An empirical study of SMS one-time password authentication in android apps. In: Association for Computing Machinery (2019)

    Google Scholar 

  17. Panjwani, S., Cutrell, E.: Usably Secure, Low-Cost Authentication for Mobile Banking. In: Association for Computing Machinery (2010)

    Google Scholar 

  18. Rescorla, E.: The transport layer security (TLS) protocol version 1.3 (2018)

    Google Scholar 

  19. Sharma, C., Nakamura, Y.: Wireless Data Services: Technologies, Business Models and Global Markets. Cambridge University Press, Cambridge (2003)

    Book  Google Scholar 

  20. Yoo, C., Kang, B.-T., Kim, H.K.: Case study of the vulnerability of OTP implemented in internet banking systems of South Korea. Multimedia Tools Appl. 74(10), 3289–3303 (2014). https://doi.org/10.1007/s11042-014-1888-3

    Article  Google Scholar 

Download references

Acknowledgments

This work was done for The Alan Turing institute. This work was supported, in whole or in part, by the Bill & Melinda Gates Foundation [INV-001309]. Under the grant conditions of the Foundation, a Creative Commons Attribution 4.0 Generic License has already been assigned to the Author Accepted Manuscript version that might arise from this submission.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Vasilios Mavroudis .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Mavroudis, V., Hicks, C., Crowcroft, J. (2021). An Interface Between Legacy and Modern Mobile Devices for Digital Identity. In: Saracino, A., Mori, P. (eds) Emerging Technologies for Authorization and Authentication. ETAA 2021. Lecture Notes in Computer Science(), vol 13136. Springer, Cham. https://doi.org/10.1007/978-3-030-93747-8_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-93747-8_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-93746-1

  • Online ISBN: 978-3-030-93747-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics