QR Based Advanced Authentication for Online

Transactions
1.
Priyanka Bhogade, 2.Dipika Sonawane, 3.Madhuri Upadhye, 4.Prof. Sanchika Bajpai
1,2,3,4.JSPM’s BSIOTR (W), Computer Department, Wagholi Pune 412207
Abstract— The QR code is Quick Response code. QR code authentication system is an open source and proof-of-concept
authentication system. it use two-factor authentication technique. It combines a onetime password and QR code scanning by
using camera-equipped mobile phone. QR is extremely secure for storing all the sensitive information and transmitted it as in
encrypted form; still it is very easy to use and cost efficient technique. The system uses QR codes which are small
twodimensional code. It en-code digital data. This system can be used for all hardware platforms that are for tablets,
personal computers, laptops, camera equipped cell phones. The System will automatically generate User ID and Transaction
ID for identification of user by scanning. We can read QR code even if it is partially damage. It provides high level of
security and authentication with untrusted devices. Due to these features of QR code the system can be used for various
critical transactions like Banking Transaction by using handy devices like Mobile phones and Tablets.

I. INTRODUCTION
Nowadays any online service that aims to be secure should seriously consider for implementing a strong
authentication method. QR code is a Quick Response code. It is an open source technique. It is a proof-of-concept
authentication system [4]. Our system uses two-factor authentication technique. It combines a onetime password (OTP)
[3] and QR code scanning by using camera-equipped mobile phone. QR is code is extremely secure for storing all the
sensitive information and it transmitted it as encrypted form, still it is also an easy to use and cost efficient solution. Our
system uses QR codes. These are small two-dimensional codes. These code en-code digital data. Our system can be used
for all hardware platforms that are for tablets, personal computers, laptops, camera equipped cell phones. If QR is
partially damage still we can read it. Our system provides high level of security and authentication with untrusted
devices. These properties of QR code made them popular and they are used for different critical transactions like
banking transactions. Our system contains different modules like Creation, Authentication and Transactions. We are
going to add new feature that is Cash Card which can be good replacement for the Demand Draft and cheque.

II. RELATED WORK

In 2002, Clarke et al. were probably one of the first to suggest the usage of camera-based devices as an alternative,
more secured authentication method for critical transactions, such as banking operations, and most particularly when
connecting from untrusted computers [1]. Nowadays camera equipped smart phones around us are increasing so rapidly
that mobile based authentication might become a popular method to authenticate in a short time.
In traditional Barcode data capacity is around the only 16 digit. QR Code has more Data Capacity. It has
Numeric Code = 7,089 characters max and Alphanumeric code = 4,296 characters max.

Fig 1 Comparisons of QR and Barcode

QR codes (Quick Response codes) were introduced in 1994 by Denso-Wave [2], a Japanese company subsidiary of
Toyota. Initially, these codes where conceived as a quick way to keep track of vehicle parts, being nowadays
extremely popular in Asian countries like Japan, South Korea, China or Taiwan and becoming more and more popular
 in western countries by the day. At this point, we can implement the authentication using the QR code for all
platforms such as PC, tablet and mobile phones. We get the idea from the paper, related to our project and we use two
factor authentication. Also by using this project we can replace the demand draft and cheque by Cash Card.

III. IMPLEMENTATION
The problem with QR codes is that, there is lack of awareness among corporate world about people interested to
develop and use QR code. QR code based authentication is beneficial to user cost effective and less time consuming.
Moreover there is no need to carry External device (such as scanner). Available ID password and OTP are used for
authentication which is not secured ever. QR code based authentication system that runs on all hardware platforms
such as PC, tablets, smart phones etc.
This system contains three modules that are Creation, Authentication and Transaction.
A. Creation
Creation module contains User information and system generated information. For sign up process User must enter
his naming details, address and valid mobile. The valid mobile is mandatory for user.
After entering the naming details by the user according to the system will generate automatically unique QR code
and OTP to the mobile. After the scanning of QR code and reentering the OTP the registration will successful.

Figure 2: Registration

B. Authentication
In order to provide same level of security as a web application, the system shall provide login screen on the user's
hardware device. The login entered by the user will be user ID, password and scan the unique QR code. After matching
the user ID, password and QR code OTP will be sent on user's correspondence number, then OTP was re-entered by
user. The values will be verified by the system prior the user having access to the system.
C. Transaction
Transaction can be done in two modes, by using Direct Transfer and by using Cash card. a) Transfer:-
In this mode we select Direct Transfer mode. Then user has to add how much Amount to be transfer and the comment
that will be the reason for why to transfer that amount should add in that transfer mode. Then QR code will be scanned
if it matches then only transfer will do successfully. b) By Using Cash Card:-
Instead of Demand Draft and Cheque we can use the Cash Card. In this mode we select pay to, amount pay to and
comment that will be the reason for what to pay.
System will generate OTP, Unique QR code for Cash Card ,that QR Code will be scanned ,if it matches then only
transfer will done successfully by using Cash Card.
 Figure 3: Cash Card

IV. DISCUSSION
The performance of system depends on the in built camera which is use for scanning of QR code .If we use the
high resolution camera then the performance of the system increases. Security is important point in this system because
we perform online transaction of the bank. Also we provide the OTP with the QR codes, if both are these match then
user's authentication and transaction gets successful. This section identifies the how portable the system is? Our system
is hardware independent, so that we can use our system for all hardware platforms such as PC, Tablets and Smart
phones.
It is not necessary that the required QR code is printed on the paper only instead of we can print the QR code
anywhere and scan it. Therefore it is easy to carry. The login entered by the user shall be user ID, password and scan his
unique QR code. After verifying the user ID, password and QR code OTP will be sent on user's correspondence number,
then OTP was re-entered by user. The values shall be verified by the system prior the user having access to the system.

V. APPLICATIONS
1)Can replace Smart Card: It requires the separate scanner to scan the smart card. Smart card has less storage as
compare to QR code.
2)Can replace Swipe Card: Swipe card can be cloned, but QR code can’t be cloned. Swipe Card has no memory
compared to QR code.
3)Secure way of transaction: QR code is scanned through camera equipped with hardware device therefore our system
provides the more secure transaction.
4)Cash Card: Transfer can be also done using Cash Card which is replicable to Demand Draft and Cheque. System will
generate Cash Card with QR code providing secure authentication.

VI. CONCLUSION
Thus this system is very secure for different types of online transactions. Banking transactions can be done very
securely. System uses two factor authentication techniques that is QR code scanning and one time password. So that
system becomes more secure. QR code does not require any specialised scanner. It can be scanned using any inbuilt and
autofocus camera so that Less cost required for the system. Thus this system is very efficient technique for online
transactions.

REFERENCES
[1] Clarke, Dwaine; Gassed, Blaise; Kotwal, Thomas; Burnside, Matt; van Dijk, Marten:”The Untrusted Computer Problem and CameraBased
Authentication”. Lecture Notes in Computer Science, 2002, Volume 2414, Pervasive Computing, Pages 114-124, Jan.2002. [2]
Densowave:http://www.densowave.com/qrcode/inde x-e.html
[3] Young Sil Lee, Nack Hyun Kim, Hyotaek Lim, HeungKuk Jo, Hoon Jae Lee,” Online Banking Authentication System using Mobile-OTP with
QR-code”, Page(s): 644 – 648, Nov. 30 2010-Dec. 2 2010, E-ISBN : 978-89-88678-30-5.
[4] David Pintor Maestre, Universitat Oberta de Catalunya,08018,
Barcelona, Spain [email protected] 8, 2012
[5] “QR Based Advanced Authentication for All Hardware Platform” The
International Journal of Science and Research Publication (IJSRP)
Dipika Sonawane. Madhuri Upadhye, Priyanka Bhogade. Students, Department of Computer Engineering, JSPM’s BSIOTR(w),University Of
Pune, Maharashtra, India.

AUTHORS
First Author - Priyanka Bhogade, BE (Comp),
JSPM’s BSIOTR (W)
Second Author – Dipika Sonawane, BE (Comp),
JSPM’s BSIOTR (W)
Third Author – Madhuri Upadhye BE (Comp),
JSPM’s BSIOTR (W)
Correspondence Author –Prof.Sanchika Bajpai,
JSPM’s BSIOTR (W),

IJERT
IJERT