Secure User Authentication System Using Image-Based OTP and Randomize Numeric OTP Based on User Unique Biometric Image and Digit Repositioning Scheme

  • Ramkrishna Das
  • Sarbajit Manna
  • Saurabh Dutta
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 470)


Proposed system introduces a combined one time password (OTP)-based authentication system where image OTP is used in first level and numeric OTP is used in the second level of authentication. Server randomly selects an image as image OTP and encrypts it using user unique biometric image and user-defined Bit-wise Masking and Alternate Sequence (BWMAS) operation. This encrypted image OTP will be shared and to be decrypt by the user. Then the system generates a large random number as first part of numeric OTP within a range where range value is derived from the user password. Second part of numeric OTP is generated from the values of randomly selected blocks of the randomly selected pixels of user biometric image. Finally we combine those OTPs using alternate merging and generate intermediate numeric OTP which will be shared from server to user. Final numeric OTP will be generated in user and server end from intermediate OTP using user-defined digit repositioning scheme chosen by user. Random generation of numeric and image OTP, distribution of encrypted image OTP and formation of final numeric OTP using digit repositioning scheme impose a great security to the system.


Image-based OTP Numeric OTP BWMAS operation Random selection Biometric image Digit repositioning scheme 


  1. 1.
    V.R.S. Mali, Graphical password as an OTP. Int. J. Eng. Comput. Sci. 6(1), 20090–20095 (2017)Google Scholar
  2. 2.
  3. 3.
  4. 4.
    K. Srinivas, V. Janaki, A novel approach for generation of OTP’S using image’s, in International Conference on Computational Modeling and Security (CMS), 2016, Procedia Computer Science, vol. 85 (ScienceDirect, 2016), pp. 511–518,
  5. 5.
    Y. Huang, Z. Huang, H. Zhao, X. Lai, A new one-time password method, in International Conference on Electronic Engineering and Computer Science, 2013, IERI Procedia, vol. 4 ( ScienceDirect, 2013), pp. 32–37,
  6. 6.
    A. Shesashaayee, D. Sumathy, OTP encryption techniques in mobiles for authentication and transaction security. Int. J. Innov. Res. Comput. Commun. Eng. 2(10), 6192–6201 (2014)Google Scholar
  7. 7.
    N. Vishwakarma, K. Gangrade, Secure image based one time password. Int. J. Sci. Res. (IJSR) 5(11), 680–683 (2016)Google Scholar
  8. 8.
    B.K. Kushwaha, An approach for user authentication one time passward (Numeric and graphical) scheme. J. Glob. Res. Comput. Sci. 3(11), 54–57 (2012)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2017

Authors and Affiliations

  1. 1.Department of Computer ApplicationsHaldia Institute of TechnologyHaldiaIndia
  2. 2.Department of Computer ScienceRamakrishna Mission VidyamandiraHowrahIndia
  3. 3.Department of Computer ApplicationsDr. B. C. Roy Engineering CollegeDurgapurIndia

Personalised recommendations