TITLE:
A Reliable Multi-Factor Authentication Approach for Enhancing Security in Merchant Payment Transactions: Case Study of Fapshi Digital Wallet
AUTHORS:
Tamo Karl Wilfried Djotchuang, Inès Raïssa Djouela Kamgang, Théophile Fonzin Fozin, Elie Fute Tagne
KEYWORDS:
Digital Wallet, Merchant Payment, Multi-Factor Authentication, Payment Fraud, Phone Identification
JOURNAL NAME:
Journal of Computer and Communications,
Vol.13 No.7,
July
17,
2025
ABSTRACT: The widespread availability and use of mobile phones and internet technologies have changed the way users purchase goods and services, revolutionising the merchant payments industry. Due to this expansion, more and more people are switching from cash to mobile money and digital wallet solutions. This shift unfortunately leaves more room for payment fraud attacks such as identity theft, application cloning and social engineering, to name but a few. To prevent or mitigate these attacks, researchers have proposed authentication methods based on one-factor, two-factor and even multi-factor authentication. However, these methods still present certain limitations in terms of the effectiveness of the proposed merchant payment security approaches, and the ability to implement them or integrate them into existing digital wallets. This paper addresses these challenges by proposing FapshiSec. It is a secure and efficient multi-factor authentication method that can be integrated into already-existing digital wallets to ensure the effective security of merchant payments. The method uses password, PIN, OTP, phone identification via phone ID, and biometric fingerprints to authenticate users and money withdrawals. The approach which has been implemented in the Fapshi mobile app, comprises two phases, namely the enrolment and authentication phases. The security analysis we have conducted through different scenarios shows that FapshiSec is efficient, and highly effective against payment fraud attacks such as Brute force, phishing and identity theft. It has equally revealed that FapshiSec ensures data confidentiality, integrity, non-repudiation, and privacy. Finally, the performance analysis indicates that FapshiSec presents a smaller communication overhead, improved computational costs and security features when compared to four (04) existing relevant multi-factor authentication approaches.