Today internet users use a single identity to access multiple services. With single sign-on (SSO), users don’t have to remember separate username/password for each service provider, which helps the user to browse through the web seamlessly. SSO is however susceptible to phishing attacks. This paper describes a new anti phishing SSO model based on mobile QR code. Apart from preventing phishing attacks this new model is also safe against man in the middle & reply attacks.
展开▼