Two-Thumbs-Up: Physical protection for PIN entry secure against recording attacks

Nyang, DaeHun; Kim, Hyoungshick; Lee, Woojoo; Kang, Sung-bae; Cho, Geumhwan; Lee, Mun-Kyu; Mohaisen, Aziz

doi:10.1016/j.cose.2018.05.012

상세 보기

Two-Thumbs-Up: Physical protection for PIN entry secure against recording attacks

Nyang, DaeHun;
Kim, Hyoungshick;
Lee, Woojoo;
Kang, Sung-bae;
Cho, Geumhwan;
... Lee, Mun-Kyu;
외 1명

Citations

WEB OF SCIENCE

24

Citations

SCOPUS

29

초록

We present a new Personal Identification Number (PIN) entry method for smartphones that can be used in security-critical applications, such as smartphone banking. The proposed "Two-Thumbs-Up" (TTU) scheme is resilient against observation attacks such as shoulder surfing and camera recording, and guides users to protect their PIN information from eavesdropping by shielding the challenge area on the touch screen. To demonstrate the feasibility of TTU, we conducted a user study for TTU, and compared it with existing authentication methods (Normal PIN, Black and White PIN, and ColorPIN) in terms of usability and security. The study results demonstrate that TTU is more secure than other PIN entry methods in the presence of an observer recording multiple authentication sessions. (C) 2018 Published by Elsevier Ltd.

키워드

Authentication; Personal Identification Number(PIN); Smartphone; Recording attack; Physical shielding; User studies; DESIGN

제목: Two-Thumbs-Up: Physical protection for PIN entry secure against recording attacks

저자: Nyang, DaeHun; Kim, Hyoungshick; Lee, Woojoo; Kang, Sung-bae; Cho, Geumhwan; Lee, Mun-Kyu; Mohaisen, Aziz

DOI: 10.1016/j.cose.2018.05.012

발행일: 2018-09

유형: Article

저널명: Computers and Security

권: 78

페이지: 1 ~ 15