CROO: A Universal Infrastructure and Protocol to Detect Identity Fraud (Extended Version)
Source: Carleton University
IDentity Fraud (IDF) may be defined as unauthorized exploitation of credential information through the use of false identity. The authors propose CROO, a universal (i.e. generic) infrastructure and protocol to either prevent IDF (by detecting attempts thereof), or limit its consequences (by identifying cases of previously undetected IDF). CROO is a capture resilient one-time password scheme, whereby each user must carry a personal trusted device used to generate One-Time Passwords (OTPs) verified by online trusted parties. Multiple trusted parties may be used for increased scalability.