Enhancing Financial Transaction Security Using OAuth2, MFA, and Azure AD Authentication: A Java-Based Integrated Approach
DOI:
https://doi.org/10.22399/ijcesen.2068
Keywords:
OAuth2, Multi-Factor Authentication, Azure Active Directory, Financial Security, Access Tokens, Authentication Latency
Abstract
In recent years, financial transactions have been increasingly targeted by cyberattacks, fraudulent transactions, and identity theft. Traditional authentication mechanisms such as basic auth have proven insufficient. This paper proposes a multi-layered security framework that secures real-time financial transactions by integrating three components: OAuth2 token-based authentication, multi-factor authentication (MFA), and Azure Active Directory (AAD). The approach aims to maintain seamless transaction processing while reducing token compromise rates and preventing unauthorized access. The paper presents a quantitative evaluation of the impact of this integration on transaction security, authentication latency, and overall performance. A Java-based implementation using Spring Boot and Spring Security was developed to empirically evaluate the effectiveness of the approach. Using a sample of 10,000 financial transactions, the integrated OAuth2+MFA+Azure AD approach reduced the token compromise rate from 2.7% to a mere 0.4%, which is offset by a latency increase of only 260 ms. These findings demonstrate that integrated authentication substantially enhances security while maintaining acceptable performance, and thus offers a robust foundation for high-throughput, large-scale financial applications. This research lays the groundwork for future enhancements in adaptive MFA policies and machine-learning-based anomaly detection for real-time financial transactions.
License
Copyright (c) 2025 International Journal of Computational and Experimental Science and Engineering

This work is licensed under a Creative Commons Attribution 4.0 International License.