IoT Security with 2-Factor Auth and RFID
Hello again to all you Onioneers! And welcome to this week’s security-minded, featured project, a home-made two-factor authentication (2FA) device by Irak Mayer.
Much like using an ATM where you need your PIN (which you know) and your card (which you have), Irak has completed a great and simple to implement 2FA project. If you’re security minded enough not to use
password as your password, adding 2FA should interest you and this project is a great place to start!
In setting up his 2FA project, Irak used an Omega2, Arduino Dock 2, an RFID & NFC expansion, an OLED Expansion, and an Android phone to implement a multi-step 2FA process. To successfully authenticate, the user will need their registered RFID tag, and a verification code sent to their phone.
The full authentication process looks like this:
- The user scans their RFID tag using the RFID & NFC expansion (If you’re unfamiliar with NFC communication, fear not as all is explained in the tutorial). The Omega will send the unique serial number of the scanned tag to a server for verification.
- If the tag is registered on the server, it will send a text message with a verification code to the phone number on file for that user
- On receipt of the verification code, the user must then use Android Beam (an NFC app) to present the code back again to the RFID & NFC expansion board.
- If the verification code matches the expected value from the server, access is granted, and otherwise is denied (Well, any other outcome would make this a pretty silly project!)
The authentication status is displayed on the OLED Expansion so the user always has a handle on which step of the process they’re currently in. Irak wrote a Python program that makes use of the
OledExp libraries to interact with the RFID & NFC Expansion and OLED Expansion.
This is an ambitious project and Irak is looking to add even more functionality. Great work Irak, it’s exciting to see people making good use of the RFID & NFC Expansion and creating projects that are great starting points for other users.
Build your Own