Blockchain-enabled multi-layer multi-factor authentication framework for secure financial service access
摘要
Cybersecurity in financial services remains a significant challenge, as remote-access platforms are frequent targets of credential theft, phishing, session hijacking, replay attacks, and other authentication-related threats. This paper presents a multi-factor, multi-layer authentication framework designed to enhance the security and auditability of financial-service access. The proposed framework integrates biometric verification, one-time password (OTP) validation, adaptive risk-based authentication, challenge–response verification, ECC-based digital signatures, and a ledger-supported audit layer within a unified authentication architecture. The framework operates across four security layers: biometric identity verification, OTP validation, dynamic contextual risk assessment, and adaptive challenge–response authentication. To strengthen integrity, confidentiality, and non-repudiation, authentication records are hashed, digitally signed using client-side ECC private keys, encrypted using the server’s public key, and recorded within a cryptographically linked audit ledger. Unlike purely conceptual approaches, the proposed framework has been fully implemented using Python (Flask), SQLite, and Docker, demonstrating practical deployability in real-world environments. Experimental evaluation includes functional validation, adversarial security testing, and operational performance assessment. The results demonstrate strong resistance against multiple authentication-related attack scenarios, including brute-force, replay, session hijacking, phishing, and man-in-the-middle attacks, while maintaining acceptable operational performance. The findings indicate that the proposed framework improves authentication assurance, traceability, and security resilience for modern financial-service environments through the coordinated integration of biometric, cryptographic, behavioral, and ledger-based security controls.