ABSTRACT
Recently, electronic transactional methods are slowly replacing electronic transactions methods. To protect transactional details and to ensure secure electronic transactions, various e-payment mechanisms have been introduced. However, we found that previous electronic payment mechanisms do not fulfil the complete requirements of non-repudiation from the client’s side and are very vulnerable as well. Hence, an authentication protocol satisfying the user’s requirements without having vulnerabilities should be designed. To enhance the security and robustness in protocol, biometric-based authentication is required. Biometrics has been widely preferred as a third authenticating factor in password- and smart-card-based user authentication protocol. Hence, mutual authentication protocol using biometrics along with password and smartcard has been designed. To strengthen it, a protocol has been designed based on ECC that provides low computational cost with high security and high speed. We used AVISPA and SPAN tools for protocol validation. Informal analysis is also done for protocol verification and validation.
