Digital Certificate-Based Authentication Model for Enhanced Smartphone Security
DOI:
https://doi.org/10.24191/jcrinn.v10i1.496Keywords:
Smartphone security, Mobile Device Security, Digital Certificates, RSA, User-Device AuthenticationAbstract
Smartphones are integral to the Internet of Things, facilitating connectivity for various devices such as home systems and healthcare tools. However, the growing threat of identity theft, data breaches, and attacks due to weak authentication and poor password management emphasizes the critical need for mobile device security. Cryptography is pivotal in ensuring that only authorized devices can access data. This paper introduces an innovative authentication model for smartphones, integrating digital certificates and secret keys to securely encrypt and decrypt data. The model employs the RSA algorithm to generate encryption keys and authenticate user and device identities. Aimed at addressing smartphone users' authentication needs, the model operates through three phases: Registration, Digital Certificate, and Authentication, each bolstering data protection through digital certificate-based authentication. To assess the model, expert reviews are conducted to ensure its effectiveness. The results demonstrate significant improvements in security and ease of implementation compared to traditional authentication methods. Expert reviews agree that the model effectively mitigates unauthorized access risks by strengthening encryption and authentication protocols across its three key phases. These enhancements make it particularly suited for addressing the evolving security challenges of mobile applications, setting a benchmark for future authentication frameworks in smartphone ecosystems.
Downloads
References
Ab Halim, A. H., Ridzuan, F., Zakaria, N. H., Zakaria, A. A., Mohd Alwi, N. H., Ali Pitchay, S., Az-Zuhar, I., & AlSabhany, A. A. (2024). SAKTI©: Secured chatting tool through forward secrecy. Journal of Advanced Research in Applied Sciences and Engineering Technology, 49(1), 54–62.
Ali, G., Dida, M. A., & Elikana Sam, A. (2021). A secure and efficient multi-factor authentication algorithm for mobile money applications. Future Internet, 13(12), 299. https://doi.org/10.3390/fi13120299
Badr, Y., Zhu, X., & Alraja, M. N. (2021). Security and privacy in the Internet of Things: Threats and challenges. Service Oriented Computing and Applications, 15(4), 257-271. https://doi.org/10.1007/s11761-021-00327-z
Bahaddad, A. A., Almarhabi, K. A., & Alghamdi, A. M. (2022). Factors affecting information security and the implementation of Bring Your Own Device (BYOD) Programmes in the Kingdom of Saudi Arabia (KSA). Applied Sciences, 12(24), 12707. https://doi.org/10.3390/app122412707
Baqeel, H., & Saeed, S. (2019, April). Face detection authentication on smartphones: End users usability assessment experiences. In 2019 International Conference on Computer and Information Sciences (ICCIS) (pp. 1-6). IEEE. https://doi.org/10.1109/ICCISci.2019.8716452
Im, J. H., Jeon, S. Y., & Lee, M. K. (2020). Practical privacy-preserving face authentication for smartphones secure against malicious clients. IEEE Transactions on Information Forensics and Security, 15, 2386-2401. https://doi.org/10.1109/TIFS.2020.2969513
Iyanda, A. R., & Fasasi, M. E. (2022). Development of two-factor authentication login system using dynamic password with SMS verification. International Journal of Education and Management Engineering, 12(3), 13. https://doi.org/10.5815/ijeme.2022.03.02
Oudah, M. S., & Maolood, A. T. (2022). Lightweight authentication model for iot environments based on enhanced elliptic curve digital signature and Shamir secret share. International Journal of Intelligent Engineering & Systems, 15(5). chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https:// inass.org/wp-content/uploads/2022/03/2022103108-2.pdf
Pandey, S., & Bhushan, B. (2024). Recent Lightweight cryptography (LWC) based security advances for resource-constrained IoT networks. Wireless Networks, 30(4), 2987-3026. https://doi.org/10.1007/s11276-024-03714-4
Pangan, A. M. S., Lacuesta, I. L., Mabborang, R. C., & Ferrer, F. P. (2022). Authenticating data transfer using RSA-generated QR codes. European Journal of Information Technologies and Computer Science, 2(4), 18-30. https://doi.org/10.24018/compute.2022.2.4.73
Yaswanth, A., & Reddy, K. T. (2023). A novel dynamic randomized secret key model based on one-time password authentication. International Journal of Intelligent Systems and Applications in Engineering, 11(3), 850-858.
© 2025 by the authors. Submitted for possible open access publication under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Zakaria, A. A., Ab Halim, A. H., Ridzuan, F., Zakaria, N. H., & Daud, M. (2022). LAO-3D: A symmetric lightweight block cipher based on 3d permutation for mobile encryption application. Symmetry, 14(10), 2042. https://doi.org/10.3390/sym14102042