Kontun: A Framework for recommendation of authentication schemes and methods

Abstract Context There are many techniques for performing authentication, such as text passwords and biometrics. Combining two factors into one technique is known as multi-factor authentication. The lack of a proper method for comparing and selecting these techniques for their implementation in software development processes is observed. Objective The article presents a recommendation Framework proposal for comparing and selecting authentication techniques in a software development process. Method Knowledge from academy is obtained through a systematic literature review and experience from industry is gathered using a survey and interviews. The results of these two techniques are used to generate a Framework proposal, which is validated afterwards, through an expert panel and the case study method. Results A recommendation Framework is generated, which recommends the most appropriate authentication schemes and methods for software applications based on criteria identified in literature and industry, categorized by usability, security and costs, plus the context for which the application is intended. The Framework's validity is ascertained by confirming that its recommendations are on line with those on industry, based in the results from the developed case studies. A tool prototype was created in order to help using the Framework in software development processes. Conclusion The proposed Framework helps to cover the observed gap in literature, helping software developers to compare and select the most appropriate authentication techniques for their applications.