Design and Implementation of Anti-Phishing Authentication System
With the rapid development of Internet, various electronic frauds come in great numbers. Among them, phishing is the most deceptive and influential. As the situation of phishing becomes more and more serious, Anti-Phishing Working Group (APWG) is established in the world. For phishing problems and its essential characteristics, the authentication protocol of anti-phishing based on two-direction, two-factor, and interaction is proposed, and its safeties are investigated. For PKI security infrastructure and B/S technology model under Internet, an interactive authentication mechanism based on special custom image and client program is designed and implemented. The method is universal to authenticate any server on Internet. It is a new solution of anti-phishing.