project-proposal-2025

[AuthentiGate]

Abstract

The frustrating issue of cross-border identity verification is addressed with AuthentiGate. The Name Combines “authenticate” and “gateway” in an advertising way. This solution aims to link several identification systems because I know how frustrating it is not to be able to use your banking services when the verification is linked to your home country phone number. With other means of authentication besides the delivery of SMS codes to their original mobile phone numbers, AuthentiGate facilitates workers, students, and foreign visitors to authenticate beyond national borders. Guaranteeing security, reliability, and modularized structure, AuthentiGate makes sure users can authenticate themselves wherever they may be.

Author

Name: Elanagai Arivuchelvan

Student number: 48216250

Functionality

Here’s what AuthentiGate will do in simple terms:

• Secure Mobile App : Instead of just a website, this uses a dedicated mobile app that’s bound to your device for extra security. This means even if someone steals the password, they can’t log in from their device.
• No More SMS Problems : When you’re abroad and your bank sends a verification code to your home country number, you’re stuck. AuthentiGate lets you verify your identity using alternatives like your fingerprint, face, ID documents, or security questions.
• Use Your Home ID Abroad: AuthentiGate lets you prove “Oh my god,Its mee!” in your current country using credentials from your home country, without needing your home country registered phone number.
• our Data Stays Protected: Your identity information is securely coded, and you get to choose what gets shared with each service.
• Works Worldwide : The system is designed to meet identity regulations in different countries, so you don’t have to worry about compliance issues.
• Phone Number Independence: The authentication works reagrdless of your current contact - your original one or a local SIM
• Complete Transparency: You can see a record of every time your identity was verified, who requested it, and what information was shared.

The complete AuthentiGate system would work with banks, government services, and other providers that need to verify your identity. It would support various types of government IDs and be simple to use through the mobile app.

Scope

For the Minimum Viable Product[MVP] , the focus will br mainly on

1) Core API: A working API that verifies users through multiple methods without requiring SMS to a specific phone number (can make use of the existing API frameworks like REST, Springboot etc for teh compelxity) 2) Two-Country Support: Full verification support between Australia and one other country (India) 3) Service Provider Simulator: A testing environment that works how banks would interact with the system 4) Multiple Authentication Methods: Support for at least three ways to verify identity (government ID validation, biometrics, knowledge-based verification) 5) Mobile Authentication App: A dedicated mobile application with built-in security features including device binding, local biometric authentication, and encrypted storage 6) Dashboard: A simple interface where users manage their verification methods 7) Security Documentation: security analysis and documentation

For the service provider simulator number of existing mock server tools can be used as actual integration as actual intergartion with the financial institutions can prove impossble for us students.

Quality Attributes

Security

Security is the top most important attribute since the app handles sensitive personal information

• Mobile app-based solution restricting access to trusted devices only
• Tight access control with app level authetications
• Regular security tetsing

  Reliability

  The system should be able to work consistently as users depened on this for accessing essential services

• Comprehensive error handling
• Consistent perfomrnace under various loads
• Regular backups

  Modularity

  The system requires interchangeable parts to suit various verification requirements around the world

• clean separtion between system components
• Easy additoin or removal of verificarion methods
• Standard interfaces for authetication types

  Maintainability

  The system must be easy to update as regulations and security requirements evolve around the world

• clear documentaion for all components

Evaluation

Security

Security of AuthentiGate will be evaluated through penetration testing and vulnerability scanning . Test cases will include attempted unauthorized access, data interception, and authentication bypass.

Reliabilty

Reliability testing will verify the system’s ability to function consistently under various conditions. Automated testing will cover edge cases including network interruptions, server failures, and incomplete data submissions. Stress tests could simulate many users , concurrent users to ensure the system maintains stability under load

Modularity

Modularity will be assessed by measuring the effort required to modify or extend the system. Test scenarios will include adding new authentication methods, integrating additional country-specific verification rules, and replacing component implementations. Success will be determined by time required to implement changes

Maintanability

This evaluation could focus on code quality analysis using tools like SonarQube to measure complexity etc