E-payment Authentication System Using QR_code and Mobile OTP

Abstract

In order to prevent the leakage of payment information such as account number or password occurred in the Internet Banking or e-commerce trade, user authentication is inevitable. Authentication is most likely performed with password system due to convenience on the web-service. However, password authentication is known to be weak against password guessing attack or dictionary attack. This paper has used the OTP and QR-Code that the previous weakness of password was supplemented. The proposed scheme is two-factor authentication. Users perform authentication server by entering the password on the mobile device, scan the QR-Code from the PC screen to mobile device, and transfer OTP values to the web-server from PC and prevent various attacks of information leakage from a third party. This paper is a research for the solution that distributes OTP without drawbacks in the internet banking and e-commerce trade environment in the use of mobile devices and QR-Code.