A Systematic Literature Review on Continuous Authentication in Zero Trust Architecture for Business
Abstract
The current practice of securing a system by implementing multiple authentication steps is known as Multi-Factor Authentication (MFA). From a cybersecurity perspective, MFA is a security measure that verifies users through two or more authentication methods before granting access to a system or application. Since MFA was introduced and implemented across all working sectors, most attackers have moved from conventional attack methods, such as password brute force, to session hijacking to gain access to the system. Unfortunately, MFA is unable to protect the system from session hijacking, since MFA only provides the first layer of protection. Once the user is verified and authenticated into the system, most systems create a session cookie that authenticates the user's session until it is terminated by the user or the system. To overcome these challenges, Zero Trust Architecture (ZTA) was introduced, and one of its key principles is not to trust any entity, even if it has been previously verified. The objective of this study is to identify the existing continuous authentication (CA) models or frameworks and the challenges of each proposed continuous mechanism. This paper conducted a Systematic Literature Review (SLR) from multiple online databases such as IEEE Xplore, ScienceDirect, Springer Link, Emerald Insight, and MDPI between 2020 and 2025. A total of 316 papers were collected, and after performing the inclusion and exclusion process, 29 papers were selected for the next process. The findings revealed that CA through Machine Learning (ML) and behavioural biometrics increases security and meets the ZTA principle, although it faces noticeable challenges in terms of accuracy and efficiency. In conclusion, the implementation of continuous authentication necessitates a layered strategy that combines behavioural biometrics, machine learning, and sensor-driven authentication to establish a more secure and context-sensitive system.