A PIN-entry method resilient against shoulder surfing


Magnetic stripe cards are in common use for electronic payments and cash withdrawal. Reported incidents document that criminals easily pickpocket cards or skim them by swiping them through ad-ditional card readers. Personal identification numbers (PINs) are obtained by shoulder surfing, through the use of mirrors or con-cealed miniature cameras. Both elements, the PIN and the card, are generally sufficient to give the criminal full access to the vic-tim’s account. In this paper, we present alternative PIN entry meth-ods to which we refer as cognitive trapdoor games. These methods make it significantly harder for a criminal to obtain PINs even if he fully observes the entire input and output of a PIN entry proce-dure. We also introduce the idea of probabilistic cognitive trapdoor games, which offer resilience to shoulder surfing even if the crim-inal records a PIN entry procedure with a camera. We studied the security as well as the usability of our methods, the results of which we also present in the paper

Similar works

Full text

oaioai:CiteSeerX.psu: time updated on 10/29/2017

This paper was published in CiteSeerX.

Having an issue?

Is data on this page outdated, violates copyrights or anything else? Report the problem now and we will take corresponding actions after reviewing your request.