Multi-factor authentication for users of non-internet based applications of blockchain-based platforms

TL;DR

This paper proposes a novel multi-factor authentication method for non-internet applications like SMS and USSD by leveraging blockchain transaction evidence and risk analysis to enhance security.

Contribution

It introduces a blockchain-based multi-factor authentication approach tailored for non-internet applications, addressing limitations of existing methods.

Findings

Effective risk analysis for transaction authentication

Enhanced security for SMS and USSD applications

Successful demonstration on a financial platform

Abstract

Attacks targeting several millions of non-internet based application users are on the rise. These applications such as SMS and USSD typically do not benefit from existing multi-factor authentication methods due to the nature of their interaction interfaces and mode of operations. To address this problem, we propose an approach that augments blockchain with multi-factor authentication based on evidence from blockchain transactions combined with risk analysis. A profile of how a user performs transactions is built overtime and is used to analyse the risk level of each new transaction. If a transaction is flagged as high risk, we generate n-factor layers of authentication using past endorsed blockchain transactions. A demonstration of how we used the proposed approach to authenticate critical financial transactions in a blockchain-based asset financing platform is also discussed.