Enhancing Security and Efficiency through QR Integration with Hybrid AES-ECC Algorithm in Mobile Apps for Cardless Data Transactions


  • Noor J. Hamad College of Engineering, Al-Iraqia University, Iraq
  • Abbas A. Abdulhameed Computer Science, University of Mustansiriyah, Iraq
  • Mudhafar H. Ali College of Engineering, Al-Iraqia University, Iraq




AES, Authentication, Decryption, ECC, Encryption, QR Code


 To improve and facilitate transactions between customers and financial institutions, the utilization of Internet banking has been leveraged to deliver a heightened caliber of service characterized by heightened security and efficiency in contrast to traditional banking modalities. It is suggested in this research introduces an innovative security framework, designed to furnish a protected mechanism ensuring secure communication, authentication, confidentiality, and safeguarding of financial transactions between banking institutions and end-users, all without necessitating reliance on a physical card. The fundamental underpinning of this proposed system involves the amalgamation of a Quick Response (QR) code with a hybridized Advanced Encryption Standard-Elliptic Curve Cryptography (AES-ECC) model. Following the successful installation of the security application on the mobile device, and subsequent to an accomplished registration and encryption of data inputs, encoding and decoding processes are facilitated through the intrinsic encoding and decryption keys embedded within this hybrid algorithm. The clientele receives a QR code containing encrypted transaction details, and upon scanning this code via the designated Android application, the pertinent information is promptly displayed. Empirical assessments validate the effectiveness of the suggested approach, demonstrating superior outcomes when juxtaposed with prevailing methodologies.


N. K. and B. Janet, "An analysis of the balance between security and utility of mobile applications," in 2018 International Conference on Circuits and Systems in Digital Enterprise Technology (ICCSDET), Kottayam, India, 2018, pp. 1-4, doi: 10.1109/ICCSDET.2018.8821080.

F. Mallouli, A. Hellal, N. Sharief Saeed and F. Abdulraheem Alzahrani, "A Survey on Cryptography: Comparative Study between RSA vs ECC Algorithms, and RSA vs El-Gamal Algorithms," in 2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom), Paris, France, 2019, pp. 173-176, doi: 10.1109/CSCloud/EdgeCom.2019.00022.

J. Yu and C. Nuangjamnong, "The Impact of Mobile Banking Service on Customer Satisfaction: A Case Study of Commercial Banks in China," United International Journal for Research & Technology, vol. 3, no. 10, pp. 43-64, 2022.

H. Lee, Y. Zhang, and K. L. Chen, "An exploration of attributes and security aspects in the context of mobile banking strategy," Journal of International Technology and Information Management, vol. 22, no. 4, pp. 2, 2013.

B.S.Ponnsamudra “Secure Cardless Transaction Android Application using ECC algorithm and QR code,” M.S. thesis, National College of Ireland, Dublin, 2019.

S. Rehman et al., "Hybrid AES-ECC model for the security of data over cloud storage," Electronics, vol. 10, no. 21, pp. 2673, 2021.

N. T. T. Lam and L. T. Tra, "Elliptic Curve Cryptography (ECC) algorithm and its application in Smart-Auto Parking Systems," presented in 2021 IEEE Conference on Intelligent Transportation Systems, 2021.

H. D. K. Mawuli, D. R. Korda, and E. D. Ansong, "An enhancement of data security in cloud computing with an implementation of a two level cryptographic technique, using AES and ECC algorithm," Electronics, vol. 9, no. 9, pp. 639-650, 2020.

M. A. Imran, M. F. Mridha and M. K. Nur, "OTP Based Cardless Transction using ATM,"in 2019 International Conference on Robotics,Electrical and Signal Processing Techniques (ICREST), Dhaka, Bangladesh, 2019, pp. 511-516, doi: 10.1109/ICREST.2019.8644248.

S. Wahjuni and R. Pristian, "Android-based token authentication for securing the online transaction system," in 2016 International Conference on Information and Communication Technology Convergence (ICTC), Jeju, Korea (South), 2016, pp. 174-177, doi: 10.1109/ICTC.2016.7763462.

D. Kumar, A. Agrawal and P. Goyal, "Efficiently improving the security of OTP," in 2015 International Conference on Advances in Computer Engineering and Applications, Ghaziabad, India, 2015, pp. 912-915, doi: 10.1109/ICACEA.2015.7164835.

A. Adukkathayar, G. S. Krishnan and R. Chinchole, "Secure multifactor authentication payment system using NFC," in 2015 10th International Conference on Computer Science & Education (ICCSE), Cambridge, UK, 2015, pp. 349-354, doi: 10.1109/ICCSE.2015.7250269.

N. Sharma and B. Bohra, "Enhancing online banking authentication using hybrid cryptographic method," in 2017 3rd International Conference on Computational Intelligence & Communication Technology (CICT), Ghaziabad, India, 2017, pp. 1-8, doi: 10.1109/CIACT.2017.7977275.

Y. Yuhan. "The Overview of Elliptic Curve Cryptography (ECC)," Journal of Physics: Conference Series. vol. 2386, no. 1, IOP Publishing, 2022.‏

"National Institute of Standards and Technology, FIPS 197 - Advanced Encryption Standard (AES)," Computer Security Resource Center, [Online]. Available: https://csrc.nist.gov/pubs/fips/197/final. [Accessed: 24/10/2023].

Sharma and V. Chopra, "Analysis of AES Encryption with ECC," in 2016 17th International Interdisciplinary Conference on Engineering Science & Management, Dubai, UAE, 2016.




How to Cite

J. Hamad, N., A. Abdulhameed, A., & H. Ali, M. (2023). Enhancing Security and Efficiency through QR Integration with Hybrid AES-ECC Algorithm in Mobile Apps for Cardless Data Transactions. Al-Iraqia Journal for Scientific Engineering Research, 2(4), 103–114. https://doi.org/10.58564/IJSER.2.4.2023.124