In response to the global increase in mobile identity fraud and one-time password (OTP) interception attacks, researchers have developed a new cybersecurity framework that blends blockchain identity management, artificial intelligence, and geolocation-based controls. The work is presented in the study “Blockchain-AI Integrated Architecture – Mobile Identity Geolocation and OTP Verification,” published in Internet of the future.
Modern OTP ecosystems, despite being the backbone of financial and digital services authentication, are still structurally weak due to their continued reliance on SMS, email, and other centralized delivery channels. These traditional channels expose users to SIM swap fraud, one-time password (OTP) extraction by phishing, network spoofing, and malware interception. The paper frames these security gaps as a technical, social, and economic problem, noting billions of dollars in losses associated with authentication-related cybercrimes each year.
The proposed solution offers a multi-layered architecture designed to verify identity, device integrity, and user location through a decentralized framework that does not reveal personal data during verification. It integrates a permissioned blockchain based on Hyperledger Fabric, an AI-based anomaly detection system for SIM swapping and contextual fraud identification, a geolocation-based OTP policy that enforces consistency between user behavior and request patterns, and a Zero-Knowledge Proof engine that hides sensitive identity details during compliance checks.
Structural weaknesses in OTP systems expand the attack surface
The study details why OTP systems have become one of the most targeted components of digital security. The authors explain that core OTP protocols, including industry-specific and time-dependent HMAC standards, were designed for a less complex threat environment. Their reliance on SMS and email has turned into a liability, as these channels do not provide any link between the identity request and the endpoint receiving the OTP. Centralized servers and SMS gateways introduce single points of failure and can be overwhelmed during attacks or outages, delaying or rerouting OTPs.
One of the main attack vectors examined in the paper is SIM swap fraud. Attackers manipulate the mobile network operator’s procedures to reassign the victim’s phone number to an illegitimate SIM card. This gives the attacker full control over the delivery of OTPs and related authentication messages. The authors also point to OTP phishing platforms that automate real-time interception during login attempts, and malware that collects verification codes directly from compromised devices.
Lack of contextual awareness is another serious flaw. Traditional OTP systems do not check whether a login attempt matches the user’s typical location, device identity, or network behavior. The research confirms that this blind spot is one of the reasons for the increasing incidents of account takeovers in the banking, financial technology, and e-commerce sectors.
The literature review presented in the paper shows that although previous solutions have attempted to improve OTP security using biometrics, improved code generators, or stronger encryption schemes, they still rely on centralized identity management and do not include real-time fraud intelligence. They also fail to address the privacy and scalability challenges necessary for cross-border and cross-operator deployment.
The Blockchain identity layer and AI-based fraud engine form the core of the new architecture
The authors present an integrated authentication framework that replaces the traditional OTP pipeline with a decentralized, verifiable, and context-aware model. The backbone of the system is a private Hyperledger Fabric blockchain responsible for storing tamper-evident mobile phone identity proofs. Only hashed references to subscriber data are stored, keeping sensitive attributes off-chain. Fabric’s permissioned model allows participating mobile network operators to maintain distributed management without revealing personal information.
The blockchain layer organizes data using hashed mobile phone numbers, profile references, and operator IDs. Smart contracts support user registration, identity updates, device cancellation, and fraud processing workflows. The design focuses on minimal on-chain data, frequent salt rotation, and strict access controls to avoid linkage attacks and unauthorized identity mapping across networks.
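The salted, rotating identity references described above can be sketched as follows. This is an added example, not code from the paper: the HMAC construction, the function names, the epoch counter and the sample key and numbers are all assumptions made for illustration.

```python
import hashlib
import hmac

def normalize_msisdn(raw, default_cc="44"):
    """Reduce a dialled number to E.164 digits so one subscriber maps to one reference."""
    digits = "".join(ch for ch in raw if ch.isdigit())
    if raw.strip().startswith("+"):
        return digits
    if digits.startswith("00"):
        return digits[2:]
    return default_cc + digits.lstrip("0")

def epoch_salt(master_key, operator_id, epoch):
    """Per-operator, per-epoch salt derived from a secret that never goes on-chain."""
    label = f"{operator_id}|{epoch}".encode()
    return hmac.new(master_key, label, hashlib.sha256).digest()

def identity_ref(master_key, operator_id, epoch, msisdn):
    """Keyed hash stored on-chain in place of the phone number.

    A plain hash of a phone number is guessable because the number space is
    small; keying it with a secret salt removes that shortcut, and scoping the
    salt to operator and epoch keeps references from being joined across
    networks or across rotations.
    """
    salt = epoch_salt(master_key, operator_id, epoch)
    number = normalize_msisdn(msisdn).encode()
    return hmac.new(salt, number, hashlib.sha256).hexdigest()

def find_record(ledger, master_key, operator_id, epoch, msisdn):
    """Resolve a subscriber under the current salt, then the previous one,
    so records written just before a rotation still resolve."""
    for candidate in (epoch, epoch - 1):
        ref = identity_ref(master_key, operator_id, candidate, msisdn)
        if ref in ledger:
            return ledger[ref]
    return None

# Constructed sample data (assumed key, operator ID and test-range number).
DEMO_KEY = b"constructed-demo-key-not-a-real-secret"
DEMO_LEDGER = {
    identity_ref(DEMO_KEY, "mno-a", 41, "+44 7700 900123"): {"profile": "p-001"},
}
```

Only the hex reference and the profile pointer would sit on the ledger here; the key and the phone number stay off-chain.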
Besides the blockchain ledger, the system includes a machine learning-based SIM swap and anomaly detection engine. This risk module analyzes behavioral and network features such as SIM lifecycle events, device changes, location patterns and access anomalies. During evaluation, gradient boosted trees achieved an F1 score of 0.88, significantly outperforming the rule-based baseline. The AI model demonstrated strong accuracy and recall while maintaining minimal latency, ensuring that fraud detection does not delay OTP issuance.
The geolocation component uses GeoHash-based contextual scoring to check whether an OTP request originates from a legitimate or expected user region. The system compares device location with known behavior profiles and applies tolerance limits to reduce false positives. If a request violates the location expectations, the policy engine will block or escalate it.
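A minimal version of the GeoHash check described above, written as an added example rather than the paper's implementation: the prefix-length thresholds, the 150 m tolerance and the function names are assumptions. It encodes the request location, compares it with the cells in the user's profile, and samples points at the tolerance distance so that a request just across a cell border is not treated as a different region.

```python
import math

BASE32 = "0123456789bcdefghjkmnpqrstuvwxyz"

def geohash_encode(lat, lon, precision=6):
    """Standard GeoHash: alternate lon/lat bisection bits, 5 bits per character."""
    lat_rng, lon_rng = [-90.0, 90.0], [-180.0, 180.0]
    chars, value = [], 0
    for i in range(precision * 5):
        rng, coord = (lon_rng, lon) if i % 2 == 0 else (lat_rng, lat)
        mid = (rng[0] + rng[1]) / 2
        bit = int(coord >= mid)
        rng[1 - bit] = mid          # keep the half that contains the coordinate
        value = (value << 1) | bit
        if i % 5 == 4:
            chars.append(BASE32[value])
            value = 0
    return "".join(chars)

def shared_prefix(a, b):
    """Number of leading characters two geohashes have in common."""
    n = 0
    while n < min(len(a), len(b)) and a[n] == b[n]:
        n += 1
    return n

def tolerance_cells(lat, lon, tol_m, precision=6):
    """Cells for the reported fix and 8 points tol_m away, so a request next to
    a cell border still matches the neighbouring (profiled) cell."""
    dlat = tol_m / 111_320.0                       # metres per degree of latitude
    dlon = dlat / max(math.cos(math.radians(lat)), 1e-6)
    return {geohash_encode(lat + i * dlat, lon + j * dlon, precision)
            for i in (-1, 0, 1) for j in (-1, 0, 1)}

def geo_decision(lat, lon, profile_cells, tol_m=150, allow_at=6, escalate_at=4):
    """Return (decision, best shared-prefix length) for an OTP request location.
    Thresholds are assumed values, not figures from the paper."""
    best = max((shared_prefix(c, p)
                for c in tolerance_cells(lat, lon, tol_m)
                for p in profile_cells), default=0)
    if best >= allow_at:
        return "allow", best
    return ("escalate", best) if best >= escalate_at else ("block", best)
```

With a constructed profile of `{"s00000"}`, a request at (-0.0001, -0.0001) lies about 30 m away but in a cell with no common prefix; it is blocked with `tol_m=0` and allowed with the default tolerance.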
Another innovation is the incorporation of zero-knowledge proofs (zk-SNARKs). This cryptographic layer allows the system to prove identity consistency, location authenticity, and acceptable fraud risk scores without revealing any underlying personal data. The proof packet is verified by the blockchain’s token, producing an auditable result stored as a hash. This ensures privacy compliance while providing a verifiable and tamper-resistant record of the authentication decision.
The entire process is delivered through a microservices architecture using standardized components for risk scoring, identity lookup, location verification, proof generation, and blockchain logging. Northbound APIs are used by banks and fintech platforms, while southbound integrations are tied to mobile network operators’ identity systems. All communications are encrypted and authenticated using mTLS, OAuth2, and HSM-backed key management.
Real-time performance, global scalability, and privacy protection enhance deployment readiness
The authors conducted a multi-layered evaluation covering blockchain throughput, authentication latency, and anomaly detection accuracy. The combined system achieved an overall verification latency of less than 0.5 seconds, even with ZKP overhead. This meets the performance requirements of telecom service providers, financial institutions and digital platforms that rely on near-instant transactions.
Under the enhanced authentication policy, Hyperledger Fabric processed approximately 850 transactions per second, with a response time of approximately 220 milliseconds. A more stringent authentication model reduced throughput, illustrating the trade-off between consensus strength and speed, but the system remained within acceptable performance limits. Off-chain storage of bulk data and a focus on minimal on-chain records helped reduce blockchain state growth and accelerate validation.
The introduction of ZKPs added approximately 160 to 190 milliseconds of overhead, but the researchers contend that the additional privacy protections justify this cost. Proofs successfully hide KYC attributes, device details, risk feature vectors, and location information, leaving only the verification results visible to the authorizing party. The authors describe this feature as essential to comply with modern privacy regulations.
Security analysis shows that the framework meets critical objectives, including associating each OTP with a verified identity and device, detecting SIM and network anomalies before an OTP is issued, ensuring tamper-resistant auditability, and enforcing strict data minimization. The multi-layered architecture also provides resilience against spoofing, replay attacks, session tampering, contextual misinformation, insider abuse, and log tampering.
The model offers a standardized, interoperable approach to cross-border identity verification while reducing centralized vulnerabilities. The authors highlight that the framework supports cross-operator identity discovery, number portability compliance, and consortium management.
Future work, the authors note, will explore transparent proof systems, post-quantum ZKPs, and evaluation across multi-region distributed network environments to confirm performance under real-world communications conditions. Although further improvement is needed, the authors argue that a unified approach provides a viable path to building secure, scalable, privacy-preserving authentication systems capable of meeting next-generation security requirements.




