Abstract
A new multifactor authentication model has been proposed for Bangladesh taking cost-effectiveness in primary concern. We considered two-factor authentications in our previous e-service models which were proven to be insufficient in terms of phishing attack. Users often fail to identify phishing site and provide confidential information unintentionally, resulting in a successful phishing attempt. As a result, phishing can be considered as one of the most serious issues and required to be addressed and mitigated. Three factors were included to form multifactor authentication, namely, user ID, secured image with caption, and one-time password. Through the survey, the proposed multifactor model is proven to be better by 59% points for total users which comprises 55% points for technical users and 64% points for nontechnical users in comparison to traditional two-factor authentication model. Since the results and recommendations from the user were reflected in the model, user satisfaction was achieved.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mahmud, A., & Sattar, A. (2013). ‘ICTization framework’: A conceptual development model through ICT modernization in Bangladesh, Published. In Advanced Computer Science Applications and Technologies (ACSAT), 2013 International Conference, Malaysia. 23–24 Dec. 2013, 19 June 2014, 978-1-4799-2758-6, Publisher: IEEE.
Mahmud, A., & Sattar, A. (2014). Deployment of contextual mobile payment system: A prospective e-service based on ICTization framework from Bangladesh perspective. In Proceedings of the International Conference on Advances in Computer Science and Electronics Engineering—CSEE 2014, Copyright © Institute of Research Engineers and Doctors. All rights reserved. ISBN: 978-1-63248-000-2.
Mahmud, A., & Sattar, A. (2016) Deployment of contextual E-healthcare system: A prospective e-service based on context aware conceptual framework and ICTization framework model. In 2016 IEEE 11th Conference, Hefei, China, 5–7 June 201624 October 2016, Electronic ISBN: 978-1-4673-8644-9, 978-1-5090-2605-0, Publisher: IEEE.
Khonji, M., Iraqi, Y., & Jones, A. (2013). Phishing detection: A literature survey. IEEE Communications Surveys & Tutorials, 15, 2091–2121.
HUANG, H., TAN, J. & LIU, L. (2009). Countermeasure techniques for deceptive phishing attack. In International Conference on, 2009. New Trends in Information and Service Science, NISS’09. IEEE, pp. 636–641.
Weider, et al. (2008). A phishing vulnerability analysis of web based Systems. In IEEE Symposium on Computers and Communications. ISCC 2008. 2008. IEEE, 326–331.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Zahid Hasan, M., Sattar, A., Mahmud, A., Talukder, K.H. (2019). A Multifactor Authentication Model to Mitigate the Phishing Attack of E-Service Systems from Bangladesh Perspective. In: Shetty, N., Patnaik, L., Nagaraj, H., Hamsavath, P., Nalini, N. (eds) Emerging Research in Computing, Information, Communication and Applications. Advances in Intelligent Systems and Computing, vol 882. Springer, Singapore. https://doi.org/10.1007/978-981-13-5953-8_7
Download citation
DOI: https://doi.org/10.1007/978-981-13-5953-8_7
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-5952-1
Online ISBN: 978-981-13-5953-8
eBook Packages: EngineeringEngineering (R0)