Issues of identity verification of typical applications over mobile terminal platform

Issues of identity verification of typical applications over mobile terminal platform

Recent studies have shown that attacks against USIM card are increasing,and an attacker can use the cloned USIM card to bypass the identity verification process in some applications and thereby get the unauthorized access.Considering the USIM card being cloned easily even under 5G network,the identi...

Full description

Saved in:
Bibliographic Details
Main Authors: Xiaolin ZHANG, Dawu GU, Chi ZHANG
Format: Article
Language:English
Published: POSTS&TELECOM PRESS Co., LTD 2020-12-01
Series:网络与信息安全学报
Subjects:
mobile application
USIM cloning
SMS
authentication
mobile app testing
Online Access:http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2020081
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Recent studies have shown that attacks against USIM card are increasing,and an attacker can use the cloned USIM card to bypass the identity verification process in some applications and thereby get the unauthorized access.Considering the USIM card being cloned easily even under 5G network,the identity verification process of the popular mobile applications over mobile platform was analyzed.The application behaviors were profiled while users were logging in,resetting password,and performing sensitive operations,thereby the tree model of application authentication was summarized.On this basis,58 popular applications in 7 categories were tested including social communication,healthcare,etc.It found that 29 of them only need SMS verification codes to get authenticated and obtain permissions.To address this issue,two-step authentication was suggested and USIM anti-counterfeiting was applied to assist the authentication process.
ISSN:2096-109X

Similar Items