A Novel Steganographic Approach To Strengthen Enhanced Mfa And Attack Prevention For Credential Transmission

• Author(s):

  Mrs. Banuppriya P | Bharathiraja S | Jeyachandran R | Pradeep Raj S | Rakesh R

• Keywords:

  Biometric Authentication, Banking Security, Grassmann Algorithm, LSB Steganography, Multi-factor Authentication, QR Code Steganography, Session Key Management, SHA-512.

• Abstract:

  Digital Banking Infrastructure Faces Escalating And Sophisticated Threats Including Phishing, Man-in-the-Middle (MITM) Interceptions, Session Hijacking, Replay Attacks, Credential Stuffing, And Denial-of-service (DoS) Campaigns. Conventional Single-factor Authentication Mechanisms Based On Username-password Pairs Offer Insufficient Protection, While Existing Multi-Factor Authentication (MFA) Implementations—such As SMS-based One-Time Passwords (OTP), Hardware Tokens, And Basic Biometric Checks—continue To Exhibit Exploitable Vulnerabilities. This Paper Proposes A Novel Five-layer Secure Authentication And Transaction Authorization Framework Tailored To Digital Banking Environments. The System Integrates: (i) Grassmann Manifold-based Facial Recognition For Biometric Enrollment And Live Verification, Replacing Hardware USB Tokens With A Mathematically Robust Biometric Factor; (ii) Multi-factor Login Combining Credential-based Authentication With Biometric Matching; (iii) Dynamic Per-session Cryptographic Key Generation Using SHA-512 With User-specific Salts; (iv) QR-code Least Significant Bit (LSB) Steganography For Covert Session Key Transmission To The User's Registered Email, Hiding Sensitive Token Data Within An Innocuous Carrier Image; And (v) Per-transaction Session Key Validation With Real-time Unauthorized-access Alerting. The Proposed Architecture Extends And Improves Upon The Secure Multi-Factor Authentication (SMFA) Framework By Sarower Et Al. [1] By Eliminating Physical Device Dependency, Adding Biometric Security, And Introducing A Banking-domain-specific Steganographic Session Key Channel. Security Analysis Via Burrows-Abadi-Needham (BAN) Logic Demonstrates Protocol Correctness. The Facial Recognition Module Achieves A 97.3% True Acceptance Rate (TAR) With A False Acceptance Rate (FAR) Below 0.8%. Steganographic Embedding Achieves A PSNR Of 43.2 DB, Well Above The 40 DB Imperceptibility Threshold. Total Authentication Pipeline Latency Is Approximately 2.3 Seconds On Standard Hardware.

---

Other Details

• Paper id:

  IJSARTV12I4105038

• Published in:

  Volume: 12 Issue: 4 April 2026

• Publication Date:

  2026-04-17

Download Article