Title
Two-Thumbs-Up: Physical Protection For Pin Entry Secure Against Recording Attacks
Keywords
Authentication; Personal Identification Number (PIN); Physical shielding; Recording attack; Smartphone; User studies
Abstract
We present a new Personal Identification Number (PIN) entry method for smartphones that can be used in security-critical applications, such as smartphone banking. The proposed “Two-Thumbs-Up” (TTU) scheme is resilient against observation attacks such as shoulder-surfing and camera recording, and guides users to protect their PIN information from eavesdropping by shielding the challenge area on the touch screen. To demonstrate the feasibility of TTU, we conducted a user study for TTU, and compared it with existing authentication methods (Normal PIN, Black and White PIN, and ColorPIN) in terms of usability and security. The study results demonstrate that TTU is more secure than other PIN entry methods in the presence of an observer recording multiple authentication sessions.
Publication Date
9-1-2018
Publication Title
Computers and Security
Volume
78
Number of Pages
1-15
Document Type
Article
Personal Identifier
scopus
DOI Link
https://doi.org/10.1016/j.cose.2018.05.012
Copyright Status
Unknown
Socpus ID
85048979846 (Scopus)
Source API URL
https://api.elsevier.com/content/abstract/scopus_id/85048979846
STARS Citation
Nyang, Dae Hun; Kim, Hyoungshick; Lee, Woojoo; Kang, Sung bae; and Cho, Geumhwan, "Two-Thumbs-Up: Physical Protection For Pin Entry Secure Against Recording Attacks" (2018). Scopus Export 2015-2019. 7323.
https://stars.library.ucf.edu/scopus2015/7323