Smartphones as Practical and Secure Location Verification Tokens for Payments

Author(s): Claudio Marforio, Nikolaos Karapanos, Claudio Soriente, Kari Kostiainen and Srdjan Capkun

Download: Paper (PDF)

Date: 22 Feb 2014

Document Type: Briefing Papers

Additional Documents: Slides

Associated Event: NDSS Symposium 2014

Abstract:

Trustworthy location statements from a smartphone trusted execution environment (TEE) enable secure second-factor authentication for point-of-sale payments. We provide two user device enrollment solutions that are resistant against powerful but realistic adversaries. A city-wide field study shows the applicability of the proposed second-factor authentication mechanism.