10.25673/122137">


Proceedings of International Conference on Applied Innovation in IT
2025/08/29, Volume 13, Issue 4, pp.341-348

BFTM: Blockchain-Based MFA Framework for Secure Financial Transfers


Maha Alwan Alteef and Maytham Mustafa Hammood


Abstract: This paper proposes a blockchain-based multi-factor authentication (BMFA) framework designed to enhance the security of financial operations in decentralized systems. Most authentication methods are still vulnerable to phishing, getting SIM cards switched, and stealing your credentials. By utilizing TOTP and a blockchain platform called Ganache with Ethereum support, wallet owners are allowed to confirm and perform transactions in a reliable, decentralized method. It adds main features for users, so they can declare, cancel, or reject transactions on their end, which makes the process more reliable and gives users the right to be involved. A Flask server off the blockchain manages the user signup and login, and generates TOTP codes for the Google Authenticator app, while Web3.js enables easy communication online with the network. A total of 50 MetaMask wallets were subjected to strict tests created to imitate phishing schemes and server breaches. The framework showed it is fully reliable, as it stopped every unauthorized transaction that occurred. Besides that, it completed a transaction in an average of 1.2 seconds and handled up to 25 transactions each second in controlled tests. The work suggests a powerful, unbreakable, and user-friendly setup for ensuring safety in digital asset transactions in networks not controlled by a single authority.

Keywords: Blockchain Authentication, Decentralized MFA, TOTP Verification, Secure Fund Transfers.

DOI: 10.25673/122137

Download: PDF

References:

  1. M. Jakobsson, “Two-factor inauthentication—the rise in SMS phishing attacks,” Computer Fraud & Security, vol. 2018, no. 6, pp. 6–8, 2018.
  2. V. Papaspirou et al., “Security revisited: Honeytokens meet Google Authenticator,” in Proc. 7th South-East Europe Design Automation, Computer Engineering, Computer Networks and Social Media Conf. (SEEDA-CECNSM), IEEE, 2022, pp. 1–8.
  3. D. Berdik, S. Otoum, N. Schmidt, D. Porter, and Y. Jararweh, “A survey on blockchain for information systems management and security,” Information Processing & Management, vol. 58, no. 1, p. 102397, 2021.
  4. R. A. Grimes, Hacking Multifactor Authentication. Hoboken, NJ, USA: John Wiley & Sons, 2020.
  5. K. Sultan, U. Ruhi, and R. Lakhani, “Conceptualizing blockchains: Characteristics and applications,” arXiv preprint arXiv:1806.03693, 2018.
  6. A. Göransson and E. Asklund, “BankID-based authentication for phone calls,” 2020.
  7. A. K. Jain, R. Bolle, and S. Pankanti, Biometrics: Personal Identification in Networked Society, vol. 479. New York, NY, USA: Springer, 2006.
  8. B. K. Chaurasia and S. Verma, “Infrastructure based authentication in VANETs,” International Journal of Multimedia and Ubiquitous Engineering, vol. 6, no. 2, 2011.
  9. S. A. Sagar Acharya, “Two factor authentication using smartphone generated one time password,” IOSR Journal of Computer Engineering, vol. 11, no. 2, pp. 85–90, 2013, doi: 10.9790/0661-1128590.
  10. K. Fan, N. Ge, Y. Gong, H. Li, R. Su, and Y. Yang, “An ultra-lightweight RFID authentication scheme for mobile commerce,” Peer-to-Peer Networking and Applications, vol. 10, no. 2, pp. 368–376, Mar. 2017, doi: 10.1007/s12083-016-0443-6.
  11. Neha and K. Chatterjee, “Authentication techniques for e-commerce applications: A review,” in Proc. Int. Conf. on Computing, Communication and Automation (ICCCA), Greater Noida, India: IEEE, Apr. 2016, pp. 693–698, doi: 10.1109/CCAA.2016.7813811.
  12. M. Pilkington, “Blockchain technology: Principles and applications,” in Research Handbook on Digital Transformations, F. X. Olleros and M. Zhegu, Eds. Cheltenham, U.K.: Edward Elgar Publishing, 2016, doi: 10.4337/9781784717766.00019.
  13. P. Forrest, “Electronics and Computer Science Faculty of Physical and Applied Sciences, University of Southampton,” 2012.
  14. A. Hughes, A. Park, J. Kietzmann, and C. Archer-Brown, “Beyond Bitcoin: What blockchain and distributed ledger technologies mean for firms,” Business Horizons, vol. 62, no. 3, pp. 273–281, 2019.
  15. D. Rodeck and B. Curry, “What is blockchain,” Forbes, 2022.
  16. H. F. Atlam and G. B. Wills, “Technical aspects of blockchain and IoT,” in Advances in Computers, vol. 115. Amsterdam, The Netherlands: Elsevier, 2019, pp. 1–39, doi: 10.1016/bs.adcom.2018.10.006.
  17. J. J. Sikorski, J. Haughton, and M. Kraft, “Blockchain technology in the chemical industry: Machine-to-machine electricity market,” Applied Energy, vol. 195, pp. 234–246, 2017.
  18. H. F. Atlam, A. Alenezi, M. O. Alassafi, and G. B. Wills, “Blockchain with Internet of Things: Benefits, challenges, and future directions,” International Journal of Intelligent Systems and Applications, vol. 10, no. 6, pp. 40–48, Jun. 2018, doi: 10.5815/ijisa.2018.06.05.
  19. K. Christidis and M. Devetsikiotis, “Blockchains and smart contracts for the Internet of Things,” IEEE Access, vol. 4, pp. 2292–2303, 2016.
  20. X. Yue, H. Wang, D. Jin, M. Li, and W. Jiang, “Healthcare data gateways: Found healthcare intelligence on blockchain with novel privacy risk control,” Journal of Medical Systems, vol. 40, pp. 1–8, 2016.
  21. M. S. Ahmad, W. Mohyuddin, H. C. Choi, and K. W. Kim, “4 × 4 MIMO antenna design with folded ground plane for 2.4 GHz WLAN applications,” Microwave and Optical Technology Letters, vol. 60, no. 2, pp. 395–399, Feb. 2018, doi: 10.1002/mop.30969.
  22. G. Cheng, Y. Chen, S. Deng, H. Gao, and J. Yin, “A blockchain-based mutual authentication scheme for collaborative edge computing,” IEEE Transactions on Computational Social Systems, vol. 9, no. 1, pp. 146–158, 2021.
  23. S. Bamashmos, N. Chilamkurti, and A. S. Shahraki, “Two-layered multi-factor authentication using decentralized blockchain in an IoT environment,” Sensors, vol. 24, no. 11, p. 3575, 2024.
  24. M. S. Almadani, S. Alotaibi, H. Alsobhi, O. K. Hussain, and F. K. Hussain, “Blockchain-based multi-factor authentication: A systematic literature review,” Internet of Things, vol. 23, p. 100844, Oct. 2023, doi: 10.1016/j.iot.2023.100844.
  25. J. Asim et al., “Blockchain-based multifactor authentication for future 6G cellular networks: A systematic review,” Applied Sciences, vol. 12, no. 7, p. 3551, 2022.
  26. V. R. Kebande, F. M. Awaysheh, R. A. Ikuesan, S. A. Alawadi, and M. D. Alshehri, “A blockchain-based multi-factor authentication model for a cloud-enabled Internet of Vehicles,” Sensors, vol. 21, no. 18, p. 6018, Sep. 2021, doi: 10.3390/s21186018.
  27. Md. O. Ahmad et al., “BAuth-ZKP—A blockchain-based multi-factor authentication mechanism for securing smart cities,” Sensors, vol. 23, no. 5, p. 2757, Mar. 2023, doi: 10.3390/s23052757.
  28. I. Wanisha, J. B. James, J. S. Witeno, L. H. Mohammad Bakery, M. Samuel, and M. Faisal, “Multi-factor authentication using blockchain: Enhancing privacy, security and usability,” International Journal of Computer Technology and Science, vol. 1, no. 3, pp. 41–55, Jul. 2024, doi: 10.62951/ijcts.v1i3.24.
  29. Z. A.-A. M. Fneish, M. El-Hajj, and K. Samrouth, “Survey on IoT multi-factor authentication protocols: A systematic literature review,” in Proc. 11th Int. Symp. on Digital Forensics and Security (ISDFS), Chattanooga, TN, USA: IEEE, May 2023, pp. 1–7, doi: 10.1109/ISDFS58141.2023.10131870.
  30. T. Suleski, M. Ahmed, W. Yang, and E. Wang, “A review of multi-factor authentication in the Internet of Healthcare Things,” Digital Health, vol. 9, Jan. 2023, doi: 10.1177/20552076231177144.
  31. J. A. A. Cardoso, F. T. Ishizu, J. T. de Lima, and J. de Souza Pinto, “Blockchain based MFA solution: The use of hydro raindrop MFA for information security on WordPress websites,” Brazilian Journal of Operations & Production Management, vol. 16, no. 2, pp. 281–293, 2019.
  32. A. Eldow et al., “Information communication technology infrastructure in Sudanese governmental universities,” in Recent Advances in Intelligent Systems and Smart Applications, 2021, pp. 363–375.

    HOME

       - Conference
       - Journal
       - Paper Submission to Journal
       - Paper Submission to Conference
       - For Authors
       - For Reviewers
       - Important Dates
       - Conference Committee
       - Editorial Board
       - Reviewers
       - Last Proceedings


    PROCEEDINGS

       - Volume 13, Issue 4 (ICAIIT 2025)
       - Volume 13, Issue 3 (ICAIIT 2025)
       - Volume 13, Issue 2 (ICAIIT 2025)
       - Volume 13, Issue 1 (ICAIIT 2025)
       - Volume 12, Issue 2 (ICAIIT 2024)
       - Volume 12, Issue 1 (ICAIIT 2024)
       - Volume 11, Issue 2 (ICAIIT 2023)
       - Volume 11, Issue 1 (ICAIIT 2023)
       - Volume 10, Issue 1 (ICAIIT 2022)
       - Volume 9, Issue 1 (ICAIIT 2021)
       - Volume 8, Issue 1 (ICAIIT 2020)
       - Volume 7, Issue 1 (ICAIIT 2019)
       - Volume 7, Issue 2 (ICAIIT 2019)
       - Volume 6, Issue 1 (ICAIIT 2018)
       - Volume 5, Issue 1 (ICAIIT 2017)
       - Volume 4, Issue 1 (ICAIIT 2016)
       - Volume 3, Issue 1 (ICAIIT 2015)
       - Volume 2, Issue 1 (ICAIIT 2014)
       - Volume 1, Issue 1 (ICAIIT 2013)


    PAST CONFERENCES

       ICAIIT 2025
         - Photos
         - Reports

       ICAIIT 2024
         - Photos
         - Reports

       ICAIIT 2023
         - Photos
         - Reports

       ICAIIT 2021
         - Photos
         - Reports

       ICAIIT 2020
         - Photos
         - Reports

       ICAIIT 2019
         - Photos
         - Reports

       ICAIIT 2018
         - Photos
         - Reports

    ETHICS IN PUBLICATIONS

    ACCOMODATION

    CONTACT US

 

        

         Proceedings of the International Conference on Applied Innovations in IT by Anhalt University of Applied Sciences is licensed under CC BY-SA 4.0


                                                   This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License


           ISSN 2199-8876
           Publisher: Edition Hochschule Anhalt
           Location: Anhalt University of Applied Sciences
           Email: leiterin.hsb@hs-anhalt.de
           Phone: +49 (0) 3496 67 5611
           Address: Building 01 - Red Building, Top floor, Room 425, Bernburger Str. 55, D-06366 Köthen, Germany

        site traffic counter

Creative Commons License
Except where otherwise noted, all works and proceedings on this site is licensed under Creative Commons Attribution-ShareAlike 4.0 International License.