Mahsa Moradmand Ziabari - Faculty of Computer and Information Technology Engineering, Qazvin Branch, Islamic Azad University, Qazvin, Iran
A Broumandnia - Islamic Azad University, South Tehran Branch,

User authentication is a secure technique for accessing websites and can be of password-based, challenge-response and zero-knowledge types. Password-based authentication methods are categorized into fixed-password and one-time password methods. The traditional static or fixed-password methods are low-cost and simple, and are vulnerable to security attacks. In applications where security is a crucial factor, OTPs should be used. The OTP authentication methods are resistant to eavesdropping and stealing attacks, and are used in banking applications. Visual OTPs are used in this study for user authentication. The following stages are involved in the proposed method: the user visits a bank and provides the proof of purchase for his/her mobile phone and have his/her phone registered with a password. Additionally, the identification factors of the user are converted to encoded images through visual codes. The encoded image along with the static password is sent to a hash function to generate a OTP. The method uses several encryption factors to generate the OTPs and the encoded images. Use of several factors in visual codes increases their security.

Authentication, one-time password, visual code, hash function