Decentralised Data Logging Architecture Secured by Dual Authentication

Decentralised Data Logging Architecture Secured by Dual Authentication

Urja Saha, Saloni Bele, Manaswi Rajput, Anand D Mane, Dayanand D Ambawade

Department of Electronics and Telecommunication Engineering Sardar Patel Institute of Technology, Mumbai, India

Abstract – Accurate attendance monitoring is essential in aca- demic and corporate environments where accountability and participation directly impact performance evaluation. Conven- tional manual or RFID-based systems are vulnerable to proxy marking, data tampering, and administrative inefficiencies. To overcome these challenges, this paper presents ZenTap a secure, automated attendance system that integrates Internet of Things (IoT) authentication with blockchain-based data integrity verification.

The proposed system employs an ESP32 microcontroller inter- faced with an R307 fingerprint sensor and RC522 NFC reader for dual-factor authentication. Each attendance transaction is encrypted using AES-128, digitally signed, and transmitted to a backend implemented on the FastAPI framework. The backend validates device credentials through JWT-based authentication, stores attendance data in a structured PostgreSQL database, and generates a SHA-256 hash of each verified record. These hashes are immutably committed to a private blockchain ledger, ensuring transparency and non-repudiation of attendance logs.

The frontend ecosystem comprises a ReactTypeScript web dashboard for administrators and a Flutter mobile applica- tion for instructors and students, providing real-time visibility, analytics, and blockchain verification of records. Experimental implementation demonstrates reliable performance, minimal la- tency, and high resistance to data manipulation compared to conventional centralized attendance systems. The proposed ar- chitecture establishes a scalable model for secure, verifiable, and decentralized attendance management in educational institutions.

1. INTRODUCTION

   Accurate and transparent attendance tracking plays a cru- cial role in academic institutions, corporate environments, and government organizations, where accountability and time management are essential. Traditional attendance recording methodssuch as manual signatures or roll-call systemsare prone to inefficiency, human error, and manipulation. The increasing complexity of modern educational institutions, with large class sizes and distributed campuses, further compli- cates the monitoring of student presence and engagement. Consequently, the demand for automated, tamper-resistant attendance systems has grown substantially in recent years.

   To address these challenges, automated systems employing biometric identification (fingerprint, facial, or iris recogni- tion), RFID/NFC cards, and Bluetooth beacons have been

   explored. While these methods improve efficiency, they still suffer from limitations including data tampering, unauthorized proxy attendance, lack of auditability, and poor interoperability between devices. Many existing commercial biometric systems operate as closed, centralized architectures where the data is stored in local servers or proprietary clouds. This creates a single point of failure, vulnerability to cyberattacks, and opportunities for post-facto data manipulation. Additionally, these systems often neglect the privacy and integrity of biomet- ric data, which requires secure storage and controlled access mechanisms.

   Recent research has proposed Internet of Things (IoT)- based attendance systems integrating wireless sensors and edge controllers to automate attendance marking. However, many of these implementations rely solely on microcontrollers transmitting unverified data to cloud databases, which can be intercepted or modified during transmission. Moreover, few solutions provide a means for independent verification of at- tendance authenticity after storage. As institutions increasingly adopt digital recordkeeping, it becomes imperative to ensure that the recorded data is both trustworthy and immutable.

   To overcome these limitations, the proposed work intro- duces ZenTap a smart attendance system integrating IoT authentication with blockchain-based integrity verification. The system combines multiple technologies to achieve secure, real-time, and verifiable attendance management:

   • A dual-authentication IoT hardware unit built around the ESP32 microcontroller, integrating both a fingerprint sensor (R307) and an NFC reader (RC522) to ensure multi-factor identity verification.

   • A backend server implemented using the FastAPI framework, which validates encrypted attendance packets, performs access control through JWT authentication, and stores records in a structured PostgreSQL database.

   • A blockchain layer that commits cryptographic hashes (SHA- 256) of verified attendance records to ensure im- mutability and enable future proof-of-integrity verifica- tion.

   • A comprehensive application layer consisting of a React- based web dashboard for administrators and a Flutter mobile application for students and faculty, supporting real-time monitoring and analytics.

   Unlike conventional centralized attendance systems, Zen- Tap ensures end-to-end trust by securing every stage of the data flowfrom biometric authentication to record archival.

   The ESP32 encrypts attendance data using AES-128 before transmission, and each transaction is timestamped to prevent replay attacks. The blockchain ledger provides a decentralized validation mechanism, ensuring that once attendance data is recorded, it cannot be retroactively modified. Furthermore, the system architecture is modular and scalable, enabling integration across multiple classrooms or departments with minimal reconfiguration.

   The integration of blockchain into the attendance domain not only enhances transparency but also provides a robust audit trail for regulatory or institutional verification. The proposed system contributes to the growing research focus on combining IoT and distributed ledger technologies for trustworthy cyber- physical systems. Through its lightweight design, strong cryp- tography, and hybrid frontend-backend architecture, ZenTap presents a practical, deployable, and secure solution to the persistent challenges of attendance management in educational institutions.

2. RELATED WORK

   Attendance automation has been a recurring research focus across IoT, biometric, and blockchain domains. Earlier systems primarily employed RFID or NFC tags for identity recogni- tion due to their low cost and ease of deployment. However, such methods are inherently vulnerable to card duplication, unauthorised use, and data manipulation when implemented without additional verification layers or encryption mecha- nisms.

   Safiie et al. [5] introduced an IoT-based RFID attendance prototype that successfully automated record submission to the cloud. Despite improving data accessibility, it lacked mecha- nisms to prevent tag cloning or proxy attendance, resulting in compromised authenticity. Rizvi et al. [2] presented an NFC- based monitoring system using microcontrollers and cloud storage, which enhanced usability but remained dependent on the possession of an NFC tag alone. Isa et al. [3] proposed an NFC-enabled attendance model using smartphones, offering user convenience yet neglecting encryption and multi-factor authentication, thus exposing it to replay attacks and credential theft.

   To address the issue of data integrity, several researchers explred blockchain integration. Shah and Ingle [1] surveyed the use of distributed ledgers for secure NFC communication, outlining its potential for immutable logging but without coupling it to physical authentication. Similarly, Al-Dahan et al. [4] reviewed NFC-based attendance systems, highlighting the challenge of ensuring genuine presence when only tag identification is employed. Face-recognition-based models at-

   tempted to solve this through biometric validation [4]; how- ever, they suffer from privacy concerns, high computational cost, and environmental sensitivity (lighting, occlusion, and angle dependency).

   These existing approaches reveal two persistent gaps in the literature:

   1. Weak User Authentication: Most RFID/NFC-based designs depend on static tag identification, making them susceptible to proxy and replay attacks.

   2. Centralised or Mutable Data Storage: Cloud databases in earlier systems lack verifiable integrity, allowing undetected modification of attendance records.

      ZenTap bridges these gaps through a dual-authentication, decentralised architecture. The proposed system binds the attendance event to a verified biometric identity (via fingerprint scanning) and validates the NFC tap within a cryptographically controlled time window. This guarantees that only legitimate users physically present can register attendance. In contrast to previous centralised logging models, ZenTap employs a FastAPIPostgreSQL backend augmented with blockchain- based hash anchoring, ensuring that any post-hoc alteration of stored records is detectable. Moreover, the integration of AES- encrypted IoT communication, JWT-secured APIs, and role-based access for the React/Flutter frontends col- lectively ensures end-to-end integrity and accountabilityan advancement not realised in earlier implementations.

      Table VII summarises the comparison of key related works and the unique contributions of ZenTap.

      TABLE I: Comparison of Existing Attendance Systems with ZenTap

      System		Authentication Method	Data Integrity	Privacy / Se- curity	Our Con- tribution
      Safiie al. [5]	et	RFID Tag Only	Centralised Cloud	None	Vulnerable to cloning
      Rizvi al. [2]	et	NFC Tag	Cloud-based Logging	Low (no en- cryption)	Device- dependent
      Isa al. [3]	et	NFC via Smartphone	Local + Cloud	No encryption, No MFA	Replay risk
      Blockchain Models [1]		Varies	Immutable (on-chain)	High integrity, usability	low	No biomet- ric binding
      ZenTap (Pro- posed)		Fingerprint + NFC (Dual Authentica- tion)	Blockchain- hashed PostgreSQL	AES + JWT Security	Full-stack secure, tamper- proof system

3. PROPOSED SYSTEM ARCHITECTURE

   The overall architecture of the proposed ZenTap system is organised into three collaborative layersIoT Hardware Layer, Backend Processing Layer, and Application Layer. Each layer performs distinct roles to achieve secure, reli- able, and tamper-proof attendance recording. The architectural

   overview is shown in Fig. 1.

   1. IoT Hardware Layer

      The hardware layer functions as the primary interface for user authentication. It employs the ESP32-WROOM mod- ule as the central controller due to its dual-core processor, integrated Wi-Fi, and low power consumption. The ESP32 interfaces with:

      • R307 Optical Fingerprint Sensor via UART for bio- metric identity verification.

      • RC522 NFC Reader via SPI for secondary authentica- tion through contactless NFC cards.

        The operational flow begins with fingerprint scanning and template matching on the device. Upon successful verification, a short-lived cryptographic token activates the NFC reader for approximately 10 seconds. The NFC tag ID, device ID, and timestamp are then packaged into a structured JSON message, encrypted using AES-128, and transmitted to the backend via HTTPS. Power management is handled through a 3.7 V Li-Po battery regulated by a TP4056 charging module, supporting portable classroom use and long battery life.

   2. Backend Processing Layer

      The backend is developed using the FastAPI framework for its asynchronous request handling and scalability. It receives encrypted packets from IoT devices, validates the session token, verifies timestamps, and stores attendance events in a PostgreSQL database through SQLAlchemy ORM.

      Each attendance record contains the following fields:

      • UserID, DeviceID, NFC_UID, Timestamp, SessionToken, Status.

      To ensure tamper-proof logging, a SHA-256 hash of each validated record is committed to a lightweight blockchain (prototype using Ganache, scalable to Hyperledger Fabric). This enables integrity verification by comparing future hashes with blockchain entries, providing a verifiable audit trail.

      Access to backend services is protected using JWT-based authentication and role-based access control (RBAC), en- abling secure and privilege-bound communication between devices, administrators, and clients.

   3. Application Layer

      The application layer provides a unified user interface for real-time monitoring and analytics. It includes:

      • Web Dashboard: Built using React 18 and TypeScript, it allows administrators and instructors to visualise at- tendance data, verify blockchain integrity, and manage device registrations.

      • Mobile Application: Developed in Flutter, it enables students to view their authenticated attendance records and instructors to monitor class participation on the go.

   All application interfaces communicate securely with the

   FastAPI backend using RESTful APIs over HTTPS. The fron- tend visualisations are powered by real-time database queries and blockchain verification endpoints.

4. SYSTEM DESIGN AND IMPLEMENTATION

   The proposed ZenTap Smart Attendance System is de- signed as a three-tier architecture encompassing the IoT device layer, the backend service layer, and the frontend application layer. Each tier performs a specific function in the secure acquisition, validation, and recording of attendance data. The overall implementation ensures real-time operation, dual au- thentication, and blockchain-based data integrity.

   Fig. 1: Updated System Architecture showing layered design of IoT device, backend, and frontend integration.

   1. IoT Device Layer

      The IoT layer forms the physical interface for user authenti- cation. It is built around the ESP32-WROOM microcontroller due to its integrated Wi-Fi module, high processing speed, and low power consumption. Two input devices are interfaced with the ESP32: an R307 optical fingerprint sensor for biometric identification and an RC522 NFC reader for contactless verification. The ESP32 firmware is developed in C/C++ using the Arduino framework, ensuring portability and ease of development.

      When a student interacts with the device, the fingerprint module initiates authentication by comparing the scanned fin- gerprint against pre-stored templates in the local flash memor. Upon a successful match, the ESP32 generates a temporary cryptographic unlock token that activates the NFC reader for a 10-second time window. The NFC module then reads the students ID tag to complete the second layer of authentication.

      This dual-step mechanism ensures that no proxy attendance can occur through the use of duplicate fingerprints or cloned NFC tags.

      The attendance data packet, consisting of User ID, Times- tamp, Device ID, and Session Token, is encrypted using the AES-128 symmetric encryption algorithm before transmis- sion. The device communicates securely with the backend via the HTTPS protocol, ensuring confidentiality and integrity of transmitted data.

   2. Backend Service Layer

      The backend layer, implemented using FastAPI, functions as the central data processing and authentication hub. FastAPI was chosen for its asynchronous capabilities, speed, and built- in support for RESTful APIs. The backend receives encrypted attendance payloads from multiple IoT nodes, decrypts them using pre-shared keys, and performs validation through JWT (JSON Web Token) authentication to confirm that the request originates from an authorized device.

      The validated data is structured and stored in a PostgreSQL relational database through the SQLAlchemy ORM. The schema includes tables for students, courses, instructors, and attendance logs, all normalized to ensure data consistency. Each verified attendance record is serialized and hashed using the SHA-256 algorithm. This hash value is subsequently written to a private blockchain network, initially deployed on Ganache for testing and later migratable to Hyperledger Fabric for enterprise-scale deployment.

      The blockchain serves as a tamper-evident ledgerany modification in the primary database results in a mismatch between stored and blockchain hashes, allowing immediate detection of data tampering. The integration between FastAPI and the blockchain layer is achieved through Web3.py, pro- viding seamless communication between the Python backend and Ethereum-compatible blockchain nodes.

   3. Frontend Application Layer

      The frontend layer provides the visualization and control interface for administrators, instructors, and students. The web dashboard is developed using React 18 with TypeScript and styled using Tailwind CSS, ensuring a responsive and modular design. The web application interacts with backend APIs through secure HTTPS endpoints and employs JWT-based route protection. Administrators can manage courses, verify device registration, and view blockchain-verified attendance logs, while instructors can access real-time class reports and student activity.

      In addition, a Flutter mobile application was developed to enhance portability and ease of access. The app allows students to verify their attendance status, instructors to initiate sessions, and administrators to audit blockchain hashes for integrity verification. The synchronization between mobile, web, and backend components ensures system-wide data consistency.

   4. Firmware and Communication Flow

      The firmware architecture on the ESP32 is modular, con- sisting of five primary tasks: sensor control, user authentica- tion, encryption, network communication, and error handling. Non-blocking task scheduling ensures minimal latency during authentication. Communication with the backend follows a re- questresponse model using RESTful endpoints. The firmware also includes a caching mechanism to temporarily store atten- dance events during network outages and synchronize them once the connection is re-established.

   5. Integration and Testing

      The integrated system was tested under real-world condi- tions using a local Wi-Fi network and a mock blockchain environment. Average authentication time was measured at approximately 1.2 seconds per student, with a transmission latency below 250 ms. The AES encryption and HTTPS communication layers introduced negligible overhead, while blockchain commitment time averaged 0.8 seconds. The sys- tem exhibited high reliability and consistency across multiple devices with no recorded data mismatches during blockchain verification.

      Overall, the combination of IoT-based authentication, RESTful backend design, and blockchain verification estab- lishes a robust, secure, and scalable solution for modern attendance management systems.

      Fig. 2: Hardware schematic of the NFC-enabled attendance reconstructed point satisfies:

      system integrating PN532 NFC module, ESP32 microcon- troller, and secure communication interface.

      (u1G + u2Q)x

      r (mod n), (10)

5. MATHEMATICAL FOUNDATIONS OF

   BLOCKCHAIN

   The integrity and immutability of attendance records in the proposed system are ensured using cryptographic hash functions and Merkle-treebased verification. Each validated attendance entry R is converted into a fixed-length digest using the SHA-256 hash function:

   h = H(R), (1)

   where H : {0, 1}* {0, 1}256 is a one-way, collision- resistant mapping. Any modification in R results in a com- pletely different h, ensuring tamper detection.

   1. Hash-Chained Block Structure

      Each block Bi contains the data Di, timestamp, and the hash of the previous block:

      Bi = (Di, Hi-1) , (2)

      with the block hash computed as

      Hi = H(Di Hi-1), (3)

      where denotes concatenation. Thus, altering any block invalidates all subsequent hashes, providing immutability.

   2. Merkle Root for Record Verification

      Multiple attendance records {p, p, . . . , hn} are aggre- gated in a Merkle tree. For two child hashes ha and hb, the parent node is computed as:

      ha,b = H(ha hb). (4)

      The Merkle root, denoted as M , uniquely represents all records within a block:

      M = H(… H(p p) .. . H(hn-1 hn)). (5)

      A record is verified by recomputing its Merkle proof and checking

      M ' = M. (6)

   3. Record Authenticity Using Digital Signatures

   Each IoT device signs its encrypted payload using an elliptic-curve digital signature. Given private key d and gen- erator point G, the public key is:

   Q = dG. (7)

   For message hash z, the signature (r, s) is computed as:

   r = (kG)x mod n, (8)

   s = k-1(z + dr) mod n, (9)

   where k is a random nonce. A signature is valid if the

   with u1 = zs-1 and u2 = rs-1. This ensures only authenti- cated devices can submit attendance entries.

6. EXPERIMENTAL RESULTS AND EVALUATION

   To validate the effectiveness of the proposed ZenTap dual- authentication architecture, a functional prototype was devel- oped and deployed within a controlled classroom environment. The evaluation focused on measuring authentication reliability, communication latency, power efficiency, and blockchain ver- ification performance. A total of ten users were enrolled, and each test scenario was executed repeatedly to ensure statistical accuracy.

   1. Functional Verification

      The system was tested under various operating conditions to ensure consistent performance. Each user was registered through fingerprint enrolment followed by NFC tag associa- tion. Table II summarizes the observed outcomes for major functional test cases.

      TABLE II: Functional Testing Scenarios and Outcomes

      Test Condition	Expected Result	Observed Result
      Valid fingerprint + NFC tag	Attendance logged	Pass
      NFC tap without fingerprint verification	Access denied	Pass
      Expired session token (>10 s delay)	Request ignored	Pass
      Duplicate NFC tap within ses- sion	Rejected	Pass
      Network outage during log- ging	Data cached locally	Pass
      Tampered payload (hash mis- match)	Server rejects entry	Pass

      The outcomes confirm that the system correctly handles authentication sequencing, prevents replay or proxy attempts, and ensures state consistency across all layers.

   2. Latency and Performance Analysis

      End-to-end latency was measured as the time difference between successful fingerprint capture and backend acknowl- edgment of attendance. Tests were conducted over a 2.4 GHz Wi-Fi network with a stable connection of 20 Mbps bandwidth. Table III provides a breakdown of the average response time for major operations.

      TABLE III: Latency and Response Time Breakdown

      Operation	Average Latency (ms)
      Fingerprint capture and template matching	420
      NFC UID reading and validation	210
      AES encryption and payload for- mation	95
      Wi-Fi transmission and FastAPI request handling	370
      Database commit and response generation	160
      Total End-to-End Latency	1255 (1.25 s)

      The results indicate that the total tap-to-log latency averages

      1.25 seconds, suitable for real-time classroom operation. The asynchronous design of FastAPI and PostgreSQL ensures that latency scales linearly with the number of active devices, maintaining responsiveness under multi-node operation.

   3. Blockchain Verification Delay

      To evaluate the performance of the blockchain anchoring mechanism, attendance records were periodically hashed and committed to a local private Ethereum network running on Ganache. Table IV presents average blockchain transaction metrics.

      Although blockchain commitment adds roughly one second to the post-processing pipeline, it operates asynchronously and does not block the main attendance logging flow. This ensures

      TABLE IV: Blockchain Verification Performance Metrics

      Parameter	Average Value
      Hash computation (SHA- 256)	12 ms
      Transaction submission time	410 ms
      Block confirmation delay	820 ms
      Total verification latency	1.24 s

      that user experience remains unaffected while guaranteeing immutable record verification.

   4. Power Consumption and Device Efficiency

      Power profiling was conducted to assess battery endurance for portable use. Measurements were taken using a 3.7 V, 2000 mAh Li-Po battery and a USB power analyzer.

      TABLE V: ESP32 Power Consumption Profile

      Operating Mode	Average Current (mA)
      Idle (Wi-Fi standby)	35
      Fingerprint scanning active	80
      NFC tag detection	60
      Data transmission via HTTPS	110
      Average during active session	95 mA

      The device demonstrates a battery runtime of approximately 2022 hours on a single charge under typical classroom usage, making it suitable for daily portable operation. Future hard- ware iterations can employ deep-sleep scheduling to extend battery life further.

   5. Reliability and Scalability Testing

      Stress testing was performed by simulating concurrent data submissions from multiple ESP32 nodes. The backend suc- cessfully handled 100 simultaneous requests with an average response time increase of only 18%, validating the scala- bility of the asynchronous FastAPI architecture. PostgreSQL indexing ensured constant-time retrieval operations even as log records exceeded 10,000 entries.

   6. Summary of Experimental Outcomes

   The overall performance demonstrates that ZenTap achieves high operational reliability and security with acceptable la- tency. Table VI presents a consolidated view of the experi- mental findings.

   TABLE VI: Summary of Key Performance Metrics

   Parameter	Measured Value
   End-to-end authentication time	1.25 s
   Blockchain verification delay	1.24 s
   Average power consumption	95 mA
   Wi-Fi throughput	17 Mbps
   System uptime (per charge)	22 hours
   Error rate (failed authentication)	0.3%

   The prototype thus validates the feasibility of a dual- authenticated, decentralised attendance system that combines low-cost IoT hardware, secure cloud communication, and blockchain-based auditability without compromising usability or performance.

7. COMPARATIVE DISCUSSION

   To contextualize the performance and design choices of ZenTap, it is essential to compare it with conventional at- tendance systems, including RFID-based, NFC-based, and face-recognition solutions. Each technology offers distinct advantages but also suffers from limitations in security, cost, or practicality. The comparative analysis presented below highlights how ZenTap achieves a balanced trade-off across these parameters.

   1. RFID-Only and NFC-Only Systems

      RFID and NFC-based attendance systems are widely adopted in educational and corporate settings due to their simplicity and low cost. These systems rely on tagreader communication to identify users. However, they are inherently vulnerable to cloning and proxy attacks since tag identifiers are static and easily duplicated. In contrast, ZenTap introduces a fingerprint pre-verification step before NFC activation. The

      NFC reader is enabled only after biometric validation and remains active for a ten-second cryptographically bounded session. This ensures that even a cloned or stolen tag cannot be used without the legitimate users fingerprint match.

   2. Face-Recognition-Based Systems

      Face-recognition systems eliminate the need for physical contact and allow rapid identification. Nonetheless, they de- mand high computational power, reliable lighting conditions, and introduce privacy concerns. Cloud-based facial analytics further increase cost and latency while posing data-protection challenges. ZenTap avoids such privacy risks by processing biometric data locally on the ESP32 device, where fingerprint templates never leave the hardware. The resulting architecture achieves comparable accuracy without high-end processors or complex datasets.

   3. IoT and Blockchain-Integrated Systems

      Several IoT-enabled attendance frameworks have integrated blockchain to achieve data immutability. However, most imple- mentations [1], [2], [5] suffer from two common issues: (1) excessive blockchain write overheads that degrade response time, and (2) lack of real-time validation on the IoT device. ZenTap resolves these by decoupling the blockchain layer from the real-time attendance logging path. The system first con- firms attendance through cloud validation and later commits only the record hash asynchronously to the blockchain. This approach maintains low latency while ensuring tamper-proof verification.

   4. Comparative Evaluation

      Table VII provides a eature-wise comparison of ZenTap with representative technologies. Metrics such as authentica- tion strength, latency, scalability, and deployment cost were considered.

      As shown in Table VII, ZenTap achieves high security and reliability at a moderate hardware cost, outperforming traditional RFID and NFC systems in authentication integrity.

      1. Live attendance view with blockchain verification

      2. Course overview with blockchain verification status

      3. Student performance dashboard showing attendance rate

      4. Blockchain transaction logs in Ganache

      (a) Instructor dashboard showing live session management

      Fig. 3: End-to-end workflow of the ZenTap system: (a) session management, (b) live blockchain-verified attendance,

      (c) blockchain verification overview, (d) student performance dashboard, and (e) blockchain transaction proof through Ganache logs.

      Feature	RFID	Face Recog.	IoT (Single Auth.)	ZenTap (Proposed)
      Authentication Mode	Card Tap	Face Detection	NFC/Fingerprint	Dual (NFC + Fingerprint)
      Proxy Resistance	Low	Medium	Medium	High
      Hardware Cost	Low	High	Medium	Medium
      Computation Overhead	Low	Very High	Medium	Low
      Privacy Concerns	Low	High	Medium	Low
      Data Storage	Local/Cl oud	Cloud	Centralized	Decentralized (Cloud)
      Tamper Resistance	Low	Medium	Medium	High
      Power Consumption	Low	High	Medium	Low
      Latency (avg.)	1.2 s	2.4 s	1.6 s	1.4 s
      Scalability	Moderate	Low	High	High
      Ease of Integration	High	Medium	Medium	High

      TABLE VII: Feature Comparison of Attendance Systems

      Future enhancements may include integrating machine learning-based anomaly detection, adopting a scalable mi- croservices architecture, and incorporating zero-knowledge proofs or homomorphic encryption for privacy-preserving verification. Additional improvements such as energy-efficient hardware, LoRaWAN-based communication for larger cam- puses, and seamless ERP integration can further strengthen ZenTaps scalability and applicability in institutional environ- ments.

      Compared with face-recognition solutions, ZenTap maintains comparable latency with significantly reduced computational load and enhanced privacy. Its modular architecture also allows easy expansion to include blockchain- based audits or additional authentication modalities.

   5. Discussion Summary

   The comparison underscores that ZenTaps dual- authentication mechanism bridges the gap between affordability and strong security. By combining fingerprint verification with time-bounded NFC activation and asynchronous blockchain integration, the system provides a pragmatic balance of:

   • Security: Protection against cloning, replay, and tamper- ing.

   • Scalability: Efficient multi-device management through cloud APIs.

   • Affordability: Use of low-cost ESP32 and open-source software stack.

   • Privacy: Local biometric storage, preventing centralised misuse.

   Thus, ZenTap represents a next-generation attendance frame- work optimised for educational institutions seeking secure, transparent, and cost-effective automation.

8. CONCLUSION AND FUTURE WORK

This paper presented ZenTap, a secure dual-authentication attendance system integrating fingerprint and NFC verification with encrypted IoT communication and blockchain-backed data integrity. The ESP32-based hardware enables reliable biometric identity validation, while the FastAPIPostgreSQL backend provides secure, low-latency record processing. With a React dashboard and Flutter mobile app, the system ensures

ACKNOWLEDGMENT

The authors express their sincere appreciation to the De- partment of Electronics and Communication Engineer- ing for providing the infrastructure, resources, and institu- tional support that enabled the successful development of this project. The departments continuous encouragement and access to laboratory facilities played a crucial role in shaping the systems design and implementation.

The team also acknowledges the contributions of vari- ous open-source communities whose frameworksincluding FastAPI, PostgreSQL, and Reactwere fundamental in building the backend and frontend components. Finally, the authors thank their peers and reviewers for offering valuable feedback and insights that helped refine the performance, reliability, and overall quality of the system.

REFERENCES

1. K. Ashton, That Internet of Things Thing, RFID Journal, vol. 22, no. 7, pp. 97114, 2009.

2. M. Crosby, P. Pattanayak, S. Verma, and V. Kalyanaraman, Blockchain technology: Beyond bitcoin, Applied Innovation Review, vol. 2, pp. 6 10, 2016.

3. J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, Internet of Things (IoT): A vision, architectural elements, and future directions, Future Generation Computer Systems, vol. 29, no. 7, pp. 16451660, 2013.

4. S. Nakamoto, Bitcoin: A peer-to-peer electronic cash system, 2008. [Online]. Available: https://bitcoin.org/bitcoin.pdf

5. Y. Zhang and J. Wen, An IoT electric business model based on the protocol of bitcoin, in Proc. 18th Int. Conf. Intell. Next Generation Networks (ICIN), Paris, France, 2015, pp. 184191.

6. A. Shukla, R. K. Gupta, and P. Kumar, IoT-based Smart Attendance System using Face Recognition, IEEE International Conference on Smart Technologies, 2021, pp. 105110.

7. A. Al-Sarawi, M. Anbar, K. Alieyan, and M. Alzubaidi, Internet of Things (IoT) communication protocols: Review, Proc. IEEE Int. Conf. Information Technology, 2017, pp. 685690.

8. M. Dabbagh, B. Hamdaoui, M. Guizani, and A. Rayes, Software- defined networking security: Pros and cons, IEEE Communications Magazine, vol. 53, no. 6, pp. 7379, 2015.

9. S. B. Tsai, et al., Design of a Smart Classroom Attendance System Based on IoT and Blockchain, IEEE Access, vol. 9, pp. 120211120224, 2021.

   transparency, tamper-proof storage, and real-time usability. Ex- perimental results demonstrated low latency, strong resistance to proxy attempts, and better performance than traditional RFID or single-authentication systems.

11. M. Munir, S. Rasool, and H. Iqbal, Secure and Efficient Blockchain-

    based Attendance Management System, IEEE Access, vol. 10, pp. 7037170384, 2022.

    FastAPI Documentation, [Online]. Available: https://fastapi.tiangolo.com/

12. PostgreSQL Documentation, [Online]. Available: https://www.postgreql.org/

13. ReactJS Documentation, [Online]. Available: https://react.dev/

14. A. Srivastava and R. Mehra, Implementation of IoT-based NFC and Biometric Attendance System, Proc. IEEE Int. Conf. Advances in Computing and Communication Engineering, 2022, pp. 418424.

15. H. Lin and N. Bergmann, IoT Privacy and Security Challenges for Smart Home Environments, Information, vol. 7, no. 3, pp. 115, 2016.

16. M. M. Hassan, A. Gumaei, A. Alsanad, and S. H. Ahmed, A Blockchain-Based Trust Model Using Edge Computing for Internet of Things Applications, Sensors, vol. 20, no. 20, pp. 118, 2020.

17. H. K. Patil and A. S. Seshadri, Secure Data Management in Cloud using Blockchain, in Proc. IEEE Int. Conf. Advances in Computing, Communications and Informatics (ICACCI), 2019, pp. 23052311.

18. S. Ali, G. Wang, M. A. Siddiqi, and S. M. Iqbal, NFC-Based Secure Authentication System for Smart Devices, IEEE Access, vol. 8, pp. 220230, 2020.

19. R. Roman, J. Lopez, and M. Mambo, Mobile Edge Computing, Fog and Cloud Computing: A Survey and Analysis, IEEE Future Generation Computer Systems, vol. 78, pp. 680698, 2018.

20. A. Dorri, S. S. Kanhere, and R. Jurdak, Blockchain in Internet of Things: Challenges and Solutions, arXiv preprint arXiv:1608.05187, 2016.

21. K. Fan, S. Zhu, J. Liu, and Y. Yang, Security Enhancement of IoT via Device Authentication in Fog Computing, IEEE Access, vol. 7, pp. 5767457683, 2019.

22. S. Hameed and T. A. Khan, Understanding Security Requirements and Challenges in Internet of Things (IoT): A Review, Journal of Computer Networks and Communications, vol. 2018, pp. 114, 2018.