基于单因素的身份认证方式是不安全的,因此需要多因素的身份认证方式来保护用户的数据安全。随着在线支付体系的发展,文章设计了一种能有效提高现有网络支付体系安全性的模式,并且提出了一种基于多因素认证的安全高效的支付模式。即在传统的登录名和密码系统的基础上,采用基于验证码和指纹识别的多因素认证方式。文章采用的网络支付协议为双向认证体系,不仅能够满足市场对于多因素认证的需求,而且还支持B2C的安全通信。文章给出了认证模式的具体实现过程,并对其进行了安全性分析,结果表明该认证模式可以提高网络支付的安全性。%The vulnerability is that access is based on only single factor authentication which is not secure to protect user data, and there is a need of multi-factor authentication. With online payment system development acknowledged, this paper proposes the countermeasures of highlighting online payment security at current situation and points out a new protocol based on multi-factor authentication system that is both secure and highly usable. It uses a novel approach based on transaction identiifcation code and ifngerprint to enforce another security level with the traditional login password system. This protocol for online payment is extended as a two way authentications system to satisfy the emerging market need of mutual authentication and also supports secure B2C communication. The realization method of authentication mode is given followed by an analysis which verifies that this mode can enhance the security of the online payment.
展开▼
