Security

CROO: A Universal Infrastructure and Protocol to Detect Identity Fraud

Download Now Free registration required

Executive Summary

IDentity Fraud (IDF) may be defined as unauthorized exploitation of credential information through the use of false identity. The authors propose CROO, a universal (i.e. generic) infrastructure and protocol to either prevent IDF (by detecting attempts thereof), or limit its con-sequences (by identifying cases of previously undetected IDF). CROO is a capture resilient one-time password scheme, whereby each user must carry a personal trusted device used to generate One-Time Passwords (OTPs) verified by online trusted parties. Multiple trusted parties may be used for increased scalability. OTPs can be used regardless of a transaction's purpose (e.g. user authentication or financial payment), associated credentials, and online or on-site nature; this makes CROO a universal scheme.

  • Format: PDF
  • Size: 219.7 KB