IndexIntroductionContext of the StudyProblem StatementAuthenticationElectronic AuthenticationOne Time Password (OTP)Quick Response (QR) CodeA QR CodeLiterature ReviewFor decades, humans have employed the use of schemes based on passwords as the main methods of authentication on websites and other electronic platforms. The password authentication system mainly prevents unauthorized access. However, the numerous cases of theft and cyber attacks have exposed the various security weaknesses of these schemes, which have forced improvements that include usage entities such as ownership, knowledge and inheritance as primary factors combining with secondary factors such as phones cell phones to ensure better security. security guarantees. Many daily activities and services, such as banking, have drastically transformed into Internet services. Moving sensitive data services over the Internet requires strong authentication to provide adequate security and privacy. Say no to plagiarism. Get a tailor-made essay on "Why Violent Video Games Shouldn't Be Banned"? Get an Original Essay Today's pervasive nature of computing means that most people rely on public computers and electronic devices to conduct business online, making it a preferred area for many electronic banking services and e-commerce, a fact that makes safety an important factor. To ensure maximum security and privacy, electronic authentication based on Quick Response codes and One Time Password makes it more difficult for potential intruders to access reserved resources. As a result, various QR and OTP schemes have been designed using time-synchronized SMS, smartcards, and tokens. The increase in bolder attacks by hackers and cybercriminals makes security risks more pressing. Therefore, systems based on single factors, such as password authentication, become prone to vulnerabilities, which forces the use of electronic authentication using multiple factors. This research paper analyzes electronic authentication systems using QR code and OTP and finds that such schemes are very secure and can serve many types of services such as banking transactions. Introduction Today, attempts to protect the entire system of online services continue to advance in development in the wake of many people attempting to take advantage by illegally accessing certain systems. Despite numerous efforts and measures to ensure security, there are still gaps in the system that go unnoticed. Different eras bring different changes to authentication systems ranging from text passwords to graphic passwords. These measures have proven to be ineffective in ensuring security and privacy as everyday attackers design and find new ways and paths to exploit. Today, the number of Internet users is vast, a number that continues to increase dramatically over time. As a result, people can now use different online services offered by hospitals, online shopping sites, banks, universities and bill payments. Access to these and other online services requires a text-based authentication system. Although the text-based authentication system proves functional, it has some flaws that affect its usability and security issues, which deny identity, the cornerstone of electronic trust. The electronic authentication approach is intended to block potential impostors and at the same time be more trustworthy to the user. The main function of a security system is to control the movement of peopleinside and outside certain areas such as, among others, information systems, national borders and physical buildings. Elsewhere, psychology studies teach that the brain recognizes and remembers a physical image rather than text. This means that computers and electronic security systems must take into account human factors such as accessibility and ease of use. In fact, the main flaws of the electronic authentication system are due to the fact that the systems do not consider the importance of human factors when it comes to security. Therefore, an ideal security system must prioritize usability, security, and human factors in order to scale up its users from well-trained and competent users to include other broader parameters. The background of StudyValidation services is authentication and authorization, which means that their main focus is on security and issues that arise from it. Therefore, it is important that electronic authentication services remain consistent, updated with the latest technology and at the same time pose minimal risk of security breaches. This makes security and time aspects a top priority when designing electronic authentication services. For example, electronic banking applications inform customers about the status of their accounts and offer them the opportunity to confirm their balance and make transfers from their accounts. This makes account security an important factor when agreeing to use applications. Although time is an important factor, most users may not give it much importance if the security of the transaction is ensured so that other parties cannot access the account information and therefore cannot initiate further transfers. Authentication platforms such as Secure Access and Communications use cryptographic algorithms to ensure private client-server relationships, ensure that transactions are never repudiated, and ensure that data communicated between them is not only complete but also valid (Liao & Lee , 2010). the ProblemValidation services function by comparing two values. A user provides the input value and the system compares it with the previously entered value (Gemalto, n.d.). A direct match between input and saved values ​​grants access to resources such as bank accounts, websites, or construction sites. Therefore, designers of these systems must carefully consider the objectives of the system. For example, for banking transactions, security is the main issue, meaning that the authentication process must involve certain validation checks before authorizing access and transactions. The seriousness of financial transactions makes time a secondary factor, which users readily accept. However, there are some situations where time is more critical and therefore require a fast and secure electronic authentication system. Authentication Using the Internet in electronic authentication has many advantages such as speed and user interface. Despite these benefits, using the Internet for authentication creates vulnerabilities to cybercriminals, unprincipled threats, and hackers manifested in repudiation, unauthorized access, and manipulation of stored content and unprivileged activity (Kennedy, 2010). This makes it very important to design and implement effective solutions that authenticate identities before a user can access certain services and resources. To prove a user's identity, the three factors used include ownership, knowledge, and inference. The user must provide their own proofs such as fingerprint, card or password forsupport each factor (Kennedy, 2010). A common situation today is the importance of authentication when entering certain buildings. Physical location authentication relies on older methods, such as security guards checking a person's validity as an entity against a pre-established list of names of people with access to the facility. Due to its manual nature, the process tends to take a long time. Other electronic authentication systems employ the use of video or voice sessions between recipients and arrivals, thus providing the visitor with the means to authenticate from where the recipient decides to grant or deny access to the building. Evidently, this and other authentication systems mentioned take more time. However, today's advancement in technology makes it possible to use certain devices to design new, faster and more secure ways of electronic authentication when entering buildings and other complex buildings.electronic services such as website accounts and online banking. These authentication systems must be easy to implement and at the same time guarantee maximum security. Using currently existing devices and software to design QRs and OTPs in electronic authentication instances proves to be cost-effective and more secure than other means such as graphical passwords. The use of QR and OTP during electronic authentication would clearly and directly distinguish authorized users from unauthorized users and at the same time allow a user to use multiple computers and mobile devices. Electronic Authentication Electronic authentication involves establishing trust in user identities electronically. Also known as digital authentication, the process confirms or certifies the identity of a particular user (IT, 2009). The process offers people a more secure way to verify a user's identity when performing transactions and other online activities, which is especially useful given today's increase in cases of fraud and identity theft. Electronic authentication provides many options when authenticating a user's identity, such as passwords and multi-factor authentication. The model was developed by NIST and authenticates people and accounts regardless of jurisdiction or physical location. The authentication process begins with a user's request to a CSP. The credential service provider must prove the identity of the applicant in order for the applicant to receive "subscriber" status. The system then provides an authenticator as credentials and token, which takes many forms such as username. The credential service provider manages the user's credentials and registration data from where the user is responsible for managing the authenticators. This means that a user who uses a particular computer to bank online can access their accounts using a different computer; must verify their identity to the CSP because the authenticator is absent. Verification with the CSP at such times may consist of having to successfully answer a challenge question to gain access. One Time Password (OTP) One-time passwords are passwords used only once for transactions or sessions on computers or other digital devices. In this sense, OTP circumvents many shortcomings that plague traditional password systems. The main advantage of OTPs over static passwords is that OTPs are invulnerable to replay attacks. Therefore, a potential intruder in possession of a user to access the OTP cannot abuse it because using it once makes it invalid for subsequent use. An equally important advantage is that using a similar password across multiple systems by one.