Next Article in Journal
The Application Status and Trends of Machine Vision in Tea Production
Next Article in Special Issue
Privacy-Preserving Solution for European Union Digital Vaccine Certificates
Previous Article in Journal
Spectral and Energy Efficiency Trade-Off in UAV-Based Olive Irrigation Systems
Previous Article in Special Issue
Privacy-Preserving Federated Singular Value Decomposition
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 13
Issue 19
10.3390/app131910743
Review Report
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

A Novel Robust Geolocation-Based Multi-Factor Authentication Method for Securing ATM Payment Transactions

Appl. Sci. 2023, 13(19), 10743; https://doi.org/10.3390/app131910743
by Abdullah Alabdulatif 1, Rohan Samarasinghe 2,* and Navod Neranjan Thilakarathne 2,*
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Appl. Sci. 2023, 13(19), 10743; https://doi.org/10.3390/app131910743
Submission received: 10 September 2023 / Revised: 25 September 2023 / Accepted: 26 September 2023 / Published: 27 September 2023
(This article belongs to the Special Issue Advanced Technologies for Data Privacy and Security)

Round 1

Reviewer 1 Report (Previous Reviewer 2)

I have previously reviewed this manuscript and now again reviewed the manuscript carefully entitle “A Novel Robust Geolocation based Multi-Factor Authentication Method for Securing ATM Payment Transactions”. Manuscript has been improved but still needs changes.

Table 1 is not appropriate need to remove.

Literature review and related work is like book chapter. It is not like manuscript literature.

The three typical factors used in MFA need to change proper way. It looks strange as the author presented. Line 230 to 245.

Figure 1 does not contained significance information, need to update with proper information.

The workflow of the existing ATM solution should be compare with proposed workflow.

look ok

Author Response

Dear Reviewer,

Kindly see the attached pdf for our replies to your comments. Thank you for your feedback on our work.

Author Response File: Author Response.pdf

Reviewer 2 Report (New Reviewer)

This paper claims a robust geo location based multifactor authentication method easily applicable to modern bank infrastructure. The presentation is good, but there are some issues to be addressed. 

 

My major concern is on the robustness of the geolocation service: Have the authors taken into account the possible location spoofing attacks, (as they can be implement on a mobile device/or with gps spoofing device). Please take this point into account throughout the paper. It would be of added value for the paper, if the authors can demonstrate in Chapter 5 that their method is immune to this kind of attacks. In other words, it would be a validation that the method indeed is robust.

 

Other than that, please find a list of correction suggestions below:

 

* On page 3: Please list only bullet points which are novel contributions 

* Page 4: Bullet points here are unnecessary

* Table 2: Please add some related works which include geolocation based authentication for atms

* Lines 424-427: I don't understand the purpose of this listing. Can authors please elaborate this part.

* Figure 5: I have difficulties to understand what information this figure tries to convey.

* Figure 6: Check for spelling mistakes ("Alow")

* Figures 6-8: Although screenshots of UI look cool, they barely add scientific content to the paper. I'd recommend to scale the figures down and combine them into a half page collage.

* Figure 9: Is this figure strictly necessary?

Please check for spelling mistakes

Author Response

Dear Reviewer,

Kindly see the attached pdf for our replies to your comments. Thank you for your feedback on our work.

Author Response File: Author Response.pdf

Round 2

Reviewer 1 Report (Previous Reviewer 2)

I am not convinced with the response against table 1 comment. It should be moved after abstract if required. Inside the manuscript it should not be appropriate and should not be added. Moreover, the quality of figures gone blurred. All the quality of figures must be improved before acceptance of manuscript.  

ok

Author Response

Dear Reviewer,

Kindly see the attached file for our answers to your feedback.

Author Response File: Author Response.docx

Reviewer 2 Report (New Reviewer)

Most of my concerns have been addressed. Before final version, please proof read once more and check the quality of the images (in revised manuscript they seemed to be somewhat pixelated). 

Please check for misspelled words

Author Response

Dear Reviewer,

Kindly see the attached file for our answers to your feedback.

Author Response File: Author Response.docx

This manuscript is a resubmission of an earlier submission. The following is a list of the peer review reports and author responses from that submission.


Round 1

Reviewer 1 Report

This study simply presents the one more authentication approach using geo-location based restriction for ATM transactions. I have following comments/suggestions to refine the work towards acceptation for publication.  

-       Introduction is more elaborated, while some contents shall be transferred to other sections e.g. literature review and include basic introduction of research about, scientific research problems and research gaps, research design and solid contributions with structure of paper.

-       Contribution points 1 and 2 are not eligible to enlist, since these are obvious background studies in the research. Please include your solid contributions only including the impact of your work to the communities and the organizations.

-       Some abbreviations e.g. PIN full form are repeated at many places. Some fullforms are missing e.g. EMV?? At Line 257

-       The approach simply applies “geo-location” as a major parameter to restrict the authentication via mobile/smartdevice apps for cash withdrawal, while it only highlights the “Pros” but “Cons” of the approaches are not discussed. For example, accurate calculation and pin-pointing of geo-location << how accurate it is?  What if the card holder do if he/she doesn’t have mobile/smart-devices and associated apps during cash withdrawal?

-       The dataset are dummy for system validation and verification. How can it be validated/tested/verified and cross-verified without real dataset? How does the dataset loo like? Has to be provided the dataset samples at which the analysis/test/implementation was carried out.

-       How accurate the systems in terms of security, quality of services, time and computational complexities? how much extra time does it need for authentication using this geo-location based restriction using apps? << These are major factors still missing in the research.

-       Don’t use the term “following”, “above” on the manuscript for figure/table/algorithm, instead just indicate by figure/table/algorithm numbers. Sometimes, the figure shall be placed “above” the explanation but your text mention “following”.

Extra experimental analysis is expected with real dataset if possible and evaluate the performance of the proposed approach in terms of computational complexity, accuracy and validation of the proposed approach. The robustness of the proposed approach has not been justified yet.

Moderate review required

Reviewer 2 Report

I gone through the manuscript "A Novel Robust Multi-Factor Authentication Method for Securing Electronic Payment Transactions".

Although authors have proposed Multi-Factor Authentication and presented its implementation. But I am not convinced from the study.

I did not find significant novelty and addition of new knowledge, therefore i do not recommend manuscript for publication.

look ok

Reviewer 3 Report

The author has addressed the multi-factor authentication method for securing electronic payment transactions. Based on my review, I have some comments and questions to refine the paper.

1. The introduction section needs improvement, and some latest references regarding secure electronic payment transactions should be cited.

2. The novelty or contributions of the work is not clear. I suggest to refine the contributions.

3. The authors claim the novelty in the abstract. There is some other similar research papers available like https://ieeexplore.ieee.org/document/9392564 and https://doi.org/10.3390/fi13120299. How is the research work different from others work? Please support with some solid arguments.

4. Figures are of poor resolution and clarity. They need to be revised with high resolution.

5. The structure of the related work section can be improved. It would be helpful to group similar studies together and provide a summary assessment for each group. This would make it easier for the reader to understand the key points and differences between the various studies.

6. The conclusion should provide a comprehensive summary of the entire paper, including the problem statement, methodology, results, and key findings. The current conclusion seems to only focus on the methodology and results.

7. The introduction seems lengthy and contains some information that would be better placed in the methods or results sections. Consider streamlining and focusing the introduction on setting up the problem and explaining the purpose of the study.

 

8. Is there any evaluation metrics used to evaluate the security measures. If yes, specify the details and compare it with other recent works. 

9. The proposed methodology is not clearly stated in the work. Generally, GEO location-based authentication and Rest API can be incorporated by adding some plug-in or library or API. But, How the GEO location-based authentication is achieved in your proposed work? Justify.

 

The Extensive english and grammatical corrections are required. 

Back to TopTop