Visual Authentication Using QR Code to Prevent Keylogging

Volume-20 Number-3
Year of Publication : 2015
Authors : R Divya , S Muthukumarasamy
DOI :  10.14445/22315381/IJETT-V20P227


Keylogging is an activity of capturing users’ keyboard strokes and records the activity of a computer user in a covert manner using keylogger hardware and software. The keyloggers secretly monitors and log all keystrokes. Unlike other malicious programs, keyloggers do not cause any threat to system. But it can be used to intercept passwords and other confidential information entered via the keyboard by considering various rootkits residing in PCs (Personnel Computers) that breaches the security. Cyber criminals can get user names, email passwords, PIN codes, account numbers, email addresses, passwords to online gaming accounts, e-payment systems, etc. As a result, it impersonates a user during authentication in financial transactions. To prevent keylogging, the strict authentication is required. The QR code can be used to design the visual authentication protocols to achieve high usability and security. The two authentication protocols are Time based One-Time-Password protocol and Password-based authentication protocol. Through accurate analysis, the protocols are proved to be robust to several authentication attacks. And also by deploying these two protocols in real-world applications especially in online transactions, the strict security requirements can be satisfied.


keylogging; phishing; pharming; session hijacking; QR code; authentication; malicious code; attack; android; visualization