STRENGTHENING THE SECURITY OF TWO-FACTOR AUTHENTICATION USING CRYPTOGRAPHIC AND DEVICE-BASED ENHANCEMENTS
DOI:
https://doi.org/10.62373/6s9ge987
Keywords:
TWO-FACTOR AUTHENTICATION, CRYPTOGRAPHY, OTP SECURITY, CYBERSECURITY, DEVICE BINDING
Abstract
Let’s face it, the way we live has completely changed with the rise of all things digital. Keeping user accounts safe is no longer a nice-to-have; it is absolutely vital. Two-Factor Authentication (2FA) is the method most people now use to add an extra layer of security beyond password-based systems. Unfortunately, because sophisticated attackers use phishing, SIM swapping, replay attacks, and session hijacking, conventional 2FA mechanisms have been found to be mostly vulnerable. This study introduces a new 2FA framework that combines secure cryptographic methods, device-based verification, and an improved OTP generation mechanism to make the system more resistant to such threats. The proposed system will let the user generate an OTP on the client side. It also supports secure key exchange protocols and encrypted communication between client and server, so that a third party cannot capture and replay authentication credentials. The prototype system is tested under simulated attack scenarios, with resistance to common cyberattacks as the major focus. Quantitative metrics such as authentication time, error rate, and attack success probability have been analysed. The anticipated result is an authentication model that is more robust and less vulnerable to attacks, and hence offers increased security without compromising usability. The present research moves the field forward in security measures around authentication and, subsequently, in trust and safety on digital platforms.
Data Availability Statement
NA
License
Copyright (c) 2026 Isha Patel, Gordhan Jethava (Author)

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
All articles published in PUXplore: Multidisciplinary Journal of Engineering are licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) license.
Under this license, anyone may read, download, copy, distribute, and share the work for non-commercial purposes, provided that appropriate credit is given to the author(s), the journal, and a link to the license is included.
No adaptations, derivatives, or modifications of the work are permitted without prior written permission from the copyright holder.
Authors retain copyright and grant the journal the right of first publication under this license.