Two-factor authentication adds an extra layer of security beyond just a password. It works by providing a random code during service activation that the subscriber must then confirm by calling from their home phone line and providing the code. This helps verify that the subscriber is who they claim to be and is accessing the service from a trusted device. The system was implemented using technologies like Java, MySQL and Dialogic to allow two-factor authentication for any voice applications like Phone2Go. It includes REST and SIP modules with a layered architecture and uses cases like validating codes within the time limit or for incorrect codes.

1. Two-Factor
Authentication
- Akhil Agrawal
Purdue University

2. Why is it required?
• Legacy Authentication & Authorization alone
are not enough
• Passwords alone are not enough
• No way to verify the end user is our real
subscriber
• No way to verify the end user is bound to
his/her account services

4. How does it work?
• During any service/application activation, a
random code (Passcode) will be provided
• Subscriber should call from home line and
provide Passcode
• Subscriber account, home line Passcode will
be verified
• Service/Application will be activated

5. What applications will use it?
• Any application on voice platform
• Phone2Go will be able to use it
immediately

6. Different Approaches
• Place a call to Subscriber’s home phone,
collect the Passcode & Verify
• Subscriber will place a call to a dedicated
line from home phone, collect the Passcode
& Verify
• Ask Subscriber to place a call to dedicated
line from home phone with in short duration

7. Technologies Used
• Java
• MySQL
• Dialogic

8. Architecture

9. Implementation - Overview

10. Database – Physical Model
Column Name Data Type Default Value Description
ID UNSIGNED
BIG INT
NOT NULL
PRIMARY KEY
AUTO INCREMENT
Primary Key.
TN INT NULL User's Landline TN.
ApplicationId VARCHAR(25) NULL Name of the Application.
ActivationKey VARCHAR(25) NULL Special parameters required by
respective external client.
MacAddress VARCHAR(25) NULL Mac Address of device.
Token INT NULL 6 digit code generated for 2FA.
DateAndTime DATETIME NOT NULL
Default now()
Date and Time when the code was
created.
2FAStatus VARCHAR(10) NULL Shows the status of the 2 Factor
Authentication.
Will accept only init and success as
values.

11. REST Module - Layered Architecture

12. REST Module Sequence Diagram

13. SIP Module - Layered Architecture

14. Use Cases
• User making the call and entering the correct
code with no errors.
• User making the call without initiating the 2
Factor Authentication Request.
• User making the call after the set time limit.
• User entering the incorrect code.

15. SIP Module Sequence Design

16. No Initiated 2FA Request

17. User Called After Time Limit

18. User Entered Incorrect Auth Code

19. Mentors
• Mr. Naresh Dhiman – Architect and Design of
the solution.
• Mr. Thirumal Ramachandruni, Mr.
Umashankar Somasundaram – Java
development.
• Mr. Mathivanan Manickam – Integration with
Media Server.

20. Conclusion
• Completing this project for my internship has
been a learning and enjoyable experience.
• I really hope my project helps add a layer of
security to the existing and upcoming voice
applications.