MULTI-FACTOR AUTHENTICATION IN MOBILE APPLICATIONS: A SURVEY OF METHODS AND CHALLENGES

With the increasing number of attacks on sensitive personal and financial information, Multi-Factor Authentication (MFA) has become an essential security tool and especially in mobile apps. MFA can further increase security by mandating that the user prove their identity using multiple authentication factors, thus providing a more robust security than traditional Single-Factor Authentication (SFA) mechanisms, which are more susceptible to theft and negligence and are also prone to attacks. Advanced modern mobile devices offer the flexibility to integrate MFA, which aligns with regulations, while still being very convenient to use. Through this survey, various MFA techniques deployed on mobile devices will be analyzed, including biometric authentication, hardware and software tokens, SMS-based One-Time Passwords (OTPs), behavioral biometrics, and dynamic authentication schemes. It considers the use, security implications, and implementation difficulty of each method. The paper also discusses scenarios of cyberattacks in the real world, assesses the prevailing threats, and presents current developments in mobile cybersecurity. The survey concludes with a description of potential future research directions that could enhance the effectiveness and usability of mobile-based MFA systems.