National Authentication Systems

Abstract

Information security has to adapt to an ever-changing environment. Recently there has been a significant increase in the use of smartphones and other mobile devices to access services on the Internet that originally is designed for desktop computers.This thesis examines authentication systems on the Internet aimed at large user groups in light of the evolving threats due to increased use of mobile devices. It examines these authentication systems from the perspective of the end user and investigates problems arising with increased use of mobile devices.This work shows that much can be done in all stages to improve the security of web authentication. Users can protect their devices better and use stronger passwords, service providers can do simple steps to configure their web servers better, and developers of operating systems on mobile devices can reduce the amount of data an application can access on the device. In particular this thesis highlights how the way people are using their smartphones, and how authentication systems work, makes it easy for attackers to exploit the users.