Development of a two-factor authentication system in WEB applications based on fingerprinting

Cover Page

Cite item

Full Text

Open Access Open Access
Restricted Access Access granted
Restricted Access Subscription Access

Abstract

This article proposes a two-factor authentication system in WEB applications based on the fingerprint method. It provides an overview of known two-factor authentication methods in WEB applications and shows the disadvantages of such systems. The architecture of a two-factor authentication system is proposed, cryptographic algorithms for a digital signature are selected, and algorithms for interaction between system components during registration of new devices are developed. An algorithm for interaction between system components during authentication is developed and a software implementation in C# is proposed, and the choice of this programming language is justified. The program components are shown, component codes are presented, and the server and client parts of the system are presented during registration of a new user in the system. The quality of the developed system is assessed, and the coefficients of false rejections for five fingers of the right hand are shown.

About the authors

Rifat R. Sharipov

Kazan National Research Technical University named after A.N. Tupolev – KAI

Author for correspondence.
Email: riphat@mail.ru
ORCID iD: 0000-0002-4957-8132
SPIN-code: 8116-0738
Scopus Author ID: 57191173824

Cand. Sci. (Eng.), associate professor, Department of Information Security Systems

Russian Federation, Kazan, Republic of Tatarstan

Roman A. Olin

Samara National Research University named after Academician S.P. Korolev

Email: olinroman@mail.ru
ORCID iD: 0009-0000-7362-3661
SPIN-code: 4429-4407

associate professor, Department of Information Systems Security

Russian Federation, Samara

Emil M. Gabdrakhmanov

Kazan National Research Technical University named after A.N. Tupolev – KAI

Email: 021100ga@mail.ru

postgraduate student, Department of Computer Systems

Russian Federation, Kazan, Republic of Tatarstan

References

  1. Karpika A.G., Lemaykina S.V., Petrishcheva E.N. A review of identification and authentication algorithms for two-factor authorization. Security, Safety, Communication. 2018. No. 3-1. Pp. 170–176. (In Rus.)
  2. Gibadullin R.F., Lekomtsev D.V., Perukhin M.Yu. Analysis of industrial network parameters using neural network processing. Artificial Intelligence and Decision Making. 2020. No. 1. Pp. 80–87. (In Rus.). doi: 10.14357/20718594200108.
  3. Romanov M.Y. Designing two-factor authentication in a web application. Scientific Research of the 21st Century. 2025. No. 2 (34). Pp. 85–90. (In Rus.)
  4. Shafer A.E., Chernikov A.V. Two-factor authentication using an SMS service. Perm University Herald. Mathematics. Mechanics. Computer Science. 2015. No. 1 (28). Pp. 79–85. (In Rus.)
  5. Bogdanov D.S. A system of indicators for assessing the effectiveness of multi-factor authentication procedures in web applications. Modeling, Optimization and Information Technology. 2023. Vol. 11. No. 3 (42). Pp. 26–27. (In Rus.). doi: 10.26102/2310-6018/2023.42.3.015.
  6. Nuriev M.G., Lapteva M.G., Kosmynin V.A. A system for encoding and transmitting text messages using programmable logic integrated circuits. International Research Journal. 2025. No. 8 (158). doi: 10.60797/IRJ.2025.158.44. URL: https://research-journal.org/archive/8-158-2025-august/10.60797/IRJ.2025.158.44 (data of accesses: 18.08.2025).
  7. Aleksandrova L.N., Samsonov I.Yu. Problems of registration and authentication systems in a web application. Trends in the Development of Science and Education. 2023. No. 97-12. Pp. 12–16. (In Rus.). doi: 10.18411/trnio-05-2023-644.
  8. Morozova A.Yu., Simonyan A.G. Application of multi-step authentication to ensure the security of a web application. Solution. 2021. Vol. 1. Pp. 173–174. (In Rus.)
  9. Gizatullin Z.M., Nuriev M.G. Predicting the noise immunity of computer equipment based on physical modeling. Kazan: School, 2019. 140 p.
  10. Sabirzyanova I.I. A software module for user authorization via SMS for a content management system. Current Problems of Modern Science. 2015. No. 3 (82). Pp. 314–315. (In Rus.)
  11. Sugak V.A., Merezhnikov D.A., Safiullina L.Kh., Alekseeva A.A. Improving society’s literacy in the field of information security using gamification elements. Caspian Journal: Management and High Technologies. 2024. No. 1. Pp. 45–53. (In Rus.). doi: 10.54398/20741707_2024_1_45.
  12. Chesnokova A.A., Kalutskii I.V., Orlov D.O. A multi-factor authentication algorithm for information systems using SMS passwords and access tokens. In: Information technologies in modeling and management: Approaches, methods, solutions. Proceedings of the 3rd All-Russian Scientific Conference with International Participation (Tolyatti, April 21–23, 2020). Tolyatti: Tolyatti State University, 2021. Pp. 75–80.
  13. Safiullina L.Kh., Kasimova A.R., Alekseeva A.A. Reliability analysis of template storage when implementing modern biometric technologies in information security systems. Problems of Information Security. Computer Systems. 2024. No. 2. Pp. 44–56. (In Rus.)
  14. Nuriev M.G., Khafizova A.Sh., Pikuleva N.I. et al. Development and implementation of a secure VPN solution based on WireGuard and Bitvise SSH Client. International Research Journal. 2025. No. 8 (158). doi: 10.60797/IRJ.2025.158.18. URL: https://research-journal.org/archive/8-158-2025-august/10.60797/IRJ.2025.158.18 (data of accesses: 18.08.2025).

Supplementary files

Supplementary Files
Action
1. JATS XML
Download


License URL: https://www.urvak.ru/contacts/

Согласие на обработку персональных данных

 

Используя сайт https://journals.rcsi.science, я (далее – «Пользователь» или «Субъект персональных данных») даю согласие на обработку персональных данных на этом сайте (текст Согласия) и на обработку персональных данных с помощью сервиса «Яндекс.Метрика» (текст Согласия).