The Center for Education and Research in Information Assurance and Security (CERIAS)


An Attack to One-Tap Authentication Services in Cellular Networks

Principal Investigator: Bharat Bhargava

One-Tap Authentication (OTAuth) based on the cellular network is a password-less login service provided by a Mobile Network Operator (MNO) through a unique communication gateway access technique. The service allows app users to quickly sign up or log in with their mobile phone numbers without entering a password. Due to its convenience, OTAuth has been widely used by various apps. However, some studies have shown that OTAuth services have great drawbacks from the perspective of mobile security and have identified several flawed designs, which prevent the MNO from distinguishing malicious apps from normal ones and lead to impersonation attacks. In this paper, we further analyze OTAuth services from the perspective of 4G and 5G cellular networks and focus on two important procedures in which the cellular network plays an important role in OTAuth services. Not surprisingly, we discover a new fundamental design flaw in determining whether the runtime environment supports OTAuth services. Moreover, we propose a mature attack paradigm by exploiting this flaw, which allows an attacker to log in to or register with an app as a victim. To evaluate the impact of the attack, we have examined 100/90/100 Android/iOS/HarmonyOS apps for OTAuth services of 3 mainstream MNOs in China. The experimental results show that our proposed attack is applicable to almost all the apps that support OTAuth services, and affects more apps than the attacks that have been reported before. Finally, we propose several countermeasures to defend against the attack. Note that, for security's sake, we have already reported our findings to authorized parties and received their confirmations.

Personnel

Other PIs: Z. Cui, B. Cui, J. Fu

Representative Publications

  • Z. Cui, B. Cui, J. Fu and B. K. Bhargava, "An Attack to One-Tap Authentication Services in Cellular Networks", IEEE Transactions on Information Forensics and Security, vol. 18, pp. 5082-5095, 2023, doi: 10.1109/TIFS.2023.3304840

Keywords: cellular network, network security, One-Tap authentication