Multi-Factor Authentication Architecture Design with OTP and Fingerprint Integration for Mobile Application Security

Abstract

User data security in mobile applications has become a major challenge in the digital era, particularly due to increasing threats such as identity theft, account hacking, and personal information leaks. Single-factor authentication systems like username and password are no longer sufficient, as they are vulnerable to phishing and brute-force attacks. To address this issue, this study designs a Multi-Factor Authentication (MFA) architecture integrating One Time Password (OTP) and fingerprint recognition as dual-layer security measures. The OTP functions as an ownership-based authentication factor transmitted through a secure channel, while fingerprint verification serves as a biometric factor based on the user’s unique identity. The system architecture includes an OTP verification module connected to an authentication server and a fingerprint module integrated directly with the device’s biometric API. The authentication process is only successful when both factors are validated sequentially, thereby minimizing the risk of unauthorized access. Testing results indicate that the integration of OTP and fingerprint enhances security levels without compromising user convenience. This design is expected to serve as an effective and efficient multilayer security model for modern mobile applications, especially in sectors requiring high data protection such as banking, healthcare, and digital services handling sensitive information.