Improving fingerprint based access control system using quick response code

Abstract

Access control systems have been widely used in physical security to authenticate the passing people and control their entrance. The existing systems can be classified into the fingerprint based system, the proximity card based system, etc. according to the adopted authentication techniques. However, proximity cards are easy to lose, while fingerprints also become less reliable because they can be copied to make fakes. It appears access control systems relying on only one single authentication technique can be really risky. In this paper, we improve the traditional fingerprint based access control system with an additional authentication process and a remote authorization scheme, both of which are based on Quick Response Code (QR code). The second authentication process leverages the one-time password (OTP) and the personalized response to a challenge contained in the QR code to enhance security. The authorization scheme assists a remote manager to grant temporary access to otherwise unauthorized personnel using the time-stamped authorization information stored in the QR code. We have implemented the prototype of the proposed system in the .NET framework. Our experiments show the prototype takes about 77 ms to offer more rigorous authentication and 134 ms to provide both strengthened authentication and authorization.