Abstract
The use of mobile phone devices is expanding rapidly and they become essential tools that offer competitive business advantages in today's growing world of global computing environments. A Mobile phone device is a suitable tool for a multifactor authentication that could provide powerful and easy to use authentication device to access any service securely such as an ATM terminal as well as would increase the level of protection for critical and sensitive information. In this paper, we present a protocol that provides more secure ATM authentication using biometrics (fingerprint or face) on a mobile phone device under the restriction that no changes can be made to the existing physical infrastructure. Furthermore, we give an overview of the current ATM authentication methods utilizing mobile devices as a factor in the authentication process. Moreover, we outline a high level security analysis for the proposed authentication protocol.