Academic literature on the topic 'Sim authentication messaggistica online'

A mobile identity authentication scheme of e-commerce based on proposed to solve the problem that present merchant system's digital certificate carrier is not convenient to carry and specific device can only be used for' specific service. Java-SIM card technology has optimized PKI operations, and supports multiple applets running independently and securely on one card. Using the java-SIM Card to store private key and do digital signature operations, users can conveniently and securely enjoy any merchant's any online transaction service.

Security is one of the significant worries of all associations which utilizes online methods for interchanges particularly banks. Of this, customer side is most defenseless against hacking, as the framework can't be totally shut when use over web by a typical customer is to be permitted. Most frameworks utilize a static password– based verification strategy which is anything but difficult to hack. There are different other validation strategies existing like cards, biometric recognizable proof, and so on. These strategies give better security, however are not material to online customer correspondence as these techniques require extraordinary gadgets for their usage. One conceivable technique for applying an upgraded factor of verification for online access to the framework is a dynamic secret word. In this venture we can plan the validation framework in light of key age, confirmation age and OTP based framework. The keys are created progressively utilizing Mobile IMEI number and SIM card number. The OTP age utilizes the components that are novel to the client and is introduced on a PDA in Android stage and furthermore cloud server claimed by PHP server. An OTP is legitimate for a minutes time, after which, is pointless. The framework in this way gives better customer level security – a straightforward minimal effort strategy which shields framework from hacking strategies, for example, speculating assault, answer assault, stolen and verifier assault and adjustment assault.

Purpose The purpose of this paper is to present a smartphone-based physical access control system in which the access points are not directly connected to a central authorization server, but rather use the connectivity of the mobile phone to authorize a user access request online by a central access server. The access points ask the mobile phone whether a particular user has access or not. The mobile phone then relays such a request to the access server or presents an offline ticket. One of the basic requirements of our solution is the independence from third parties like mobile network operators, trusted service managers and handset manufacturers. Design/methodology/approach The authentication of the smartphone is based on public key cryptography. This requires that the private key is stored in a secure element or in a trusted execution environment to prevent identity theft. However, due to the intended independence from third parties, subscriber identity module (SIM)-based secure elements and embedded secure elements (i.e. separate hardware chips on the handset) were not an option and only one of the remaining secure element architectures could be used: host card emulation (HCE) or a microSD-based secure element. Findings This paper describes the implementation of such a physical access control system and discusses its security properties. In particular, it is shown that the HCE approach cannot solve the relay attack under conservative security assumptions and an implementation based on a microSD secure element is presented and discussed. Moreover, the paper also describes an offline solution which can be used if the smartphone is not connected to the access server. In this case, an access token is sent to the access point in response to an access request. These tokens are renewed regularly and automatically whenever the smartphone is connected. Originality/value In this paper, a physical access control system is presented which operates as fast as existing card-based solutions. By using a microSD-based secure element (SE), the authors were able to prevent the software relay attack. This solution is not restricted to microSD-based SEs, it could also be implemented with SIM-based or embedded secure elements (with the consequence that the solution depends on third parties).

The widespread of Internet usage has resulted in a greater number and variety of applications involving different types of private information. In order to diminish privacy concerns and strengthen user trust, security improvements in terms of authentication are necessary. The solutions need to be convenient, entailing ease of use and higher mobility. The suggested approach is to make use of the already popular mobile phone and to involve the mobile network, benefiting from Subscriber Identity Module (SIM) card’s tamper resistance to become trusted entities guarding personal information and identifying users. Mobile phone’s SIM card is convenient for safely storing security parameters essential for secured communication. It becomes secure entity compulsory for getting access to privacy sensitive Internet applications, like those involving money transfers. Utilizing the NFC interface passes the personal user keys only when needed, giving additional strength to the traditional public key cryptography approach in terms of security and portability.

In questa tesi si andrà a presentare la realizzazione di un sistema che permette di autenticare la sim di un cellulare, quindi di verificare che un determinato numero di telefono sia realmente nelle mani dell'utente, attraverso servizi di messaggistica online come WhatsApp o Telegram. Il bisogno di questo progetto nasce dal fatto che molte delle attuali applicazioni presenti sul mercato utilizzano sms per autenticare la reale appartenenza di un numero telefonico ad un determinato utente, ma questo comporta un notevole dispendio di soldi, dato che per inviare un gran numero di sms, bisogna sottoscrivere un abbonamento a servizi Gateway Sms che permettono di inviare sms ad un determinato numero dopo aver ricevuto i relativi dati dal mittente.