Image Steganography for Increasing Security of OTP Authentication

Aldrin Wilfred Arokiasamy, Władysław Skarbek
Warsaw University of Technology, Dept. of Electronics and Information Technology, Nowowiejska 15/19, 00-665,
Warsaw, Poland

Verification of customer in web based banking system is a significant issue these days where exchanges are
done utilizing uncertain internet. The advanced communication medium is particularly experiencing a lot of threats.
Picture identification and One Time Password (OTP) were commonly used to authenticate the customer over many
banking systems. In most of the cases they were sent separately which is vulnerable in many cases. To solve this issue,
this paper aims to give a method using both the image with hidden customer information and the OTP which is sent
as SMS to user mobile. Personal Identification Number (PIN) provided by the bank at the time of registration is used
to activate the process of image steganography and sending OTP to the user. The user has to know the image which
was opted at the time of registration. The OTP has to be entered in a virtual keypad that has random keys to avoid key
logging, used for decrypting the information hidden in the image. The image, the hidden information should match
with the information in the database, thus providing the session for the customer.

Keywords: OTP, Picture Identification, Banking Security, Cryptography, Steganography, User-Authentication.