This research explores the security vulnerabilities of NFC/RFID-based access control systems and investigates how multifactor authentication (MFA) can enhance their security. The study reviews existing threats, evaluates different MFA methods (such as biometric and phone-based authentication), and presents a prototype implementation to assess feasibility and effectiveness.
- Security Improvement: MFA significantly reduces unauthorized access risks.
- Flexible Authentication: Reauthentication can be required periodically or during unusual access attempts (e.g., outside work hours).
- Challenges: Usability concerns, integration with legacy systems, and ethical considerations with biometric data must be addressed.
- Best Solution: Phone-based authentication offers the best balance of security, usability, and cost-effectiveness.
- Python 3.x
- NFC/RFID reader hardware - Proxmark
- Required dependencies (listed in requirements.txt)
- Clone this repository:
  git clone https://gitlab.com/LadishDev/nfc-mfa-research.git
  cd nfc-mfa-research
- Pick the authentication prototype to run:
  cd "Facial Recognition Authentication"
  or
  cd "Phone Based Authentication"
- Install dependencies:
  pip install -r requirements.txt
- Run the prototype:
  python3 facial_rec.py
  or
  python3 mfa_app.py
- Testing MFA Authentication: Present an NFC/RFID card and follow the additional MFA steps (phone verification, biometrics, etc.).
- Configuring MFA Rules: Modify the Python code to adjust reauthentication intervals and access conditions.
- Real-world testing in enterprise environments.
- Optimizing MFA efficiency for faster authentication.
- Exploring additional authentication factors for increased security.
- Modify MFA rules to be adjustable via a settings file.
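
The reauthentication rules described above (periodic reauthentication, and a second factor for access outside work hours) can be expressed as a single policy function. This is an added example, not code from this repository; `MfaPolicy`, `mfa_decision`, the 8-hour interval and the 08:00-18:00 Monday-to-Friday window are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time, timedelta
from typing import Optional, Tuple


@dataclass(frozen=True)
class MfaPolicy:
    """Hypothetical rule set; every value here is an illustrative assumption."""
    reauth_interval: timedelta = timedelta(hours=8)
    work_start: time = time(8, 0)
    work_end: time = time(18, 0)
    work_days: frozenset = frozenset(range(5))  # Monday=0 .. Friday=4


def in_work_hours(policy: MfaPolicy, now: datetime) -> bool:
    return (now.weekday() in policy.work_days
            and policy.work_start <= now.time() < policy.work_end)


def mfa_decision(policy: MfaPolicy, now: datetime,
                 last_mfa: Optional[datetime]) -> Tuple[bool, str]:
    """Decide whether a valid card read must be followed by a second factor.

    `now` and `last_mfa` are naive local datetimes from the same clock.
    Anything unexpected fails closed (second factor required).
    """
    if last_mfa is None:
        return True, "no prior MFA on record"
    if last_mfa > now:
        return True, "last MFA timestamp is in the future"
    if not in_work_hours(policy, now):
        return True, "outside work hours"
    if now - last_mfa >= policy.reauth_interval:
        return True, "reauthentication interval elapsed"
    return False, "recent MFA within work hours"


if __name__ == "__main__":
    policy = MfaPolicy()
    last = datetime(2024, 3, 4, 8, 30)  # constructed sample: Monday 08:30
    for now in (datetime(2024, 3, 4, 10, 0),   # Monday, inside the window
                datetime(2024, 3, 4, 22, 0),   # Monday, after hours
                datetime(2024, 3, 5, 9, 0),    # Tuesday, interval elapsed
                datetime(2024, 3, 9, 10, 0)):  # Saturday
        print(now.isoformat(), mfa_decision(policy, now, last))
```

The out-of-hours check runs before the interval check, so a card holder who completed MFA minutes earlier is still challenged on a night or weekend read.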
Contributions are welcome! Please submit a pull request with clear documentation of changes.
This project is open-source under the MIT License.