Title :
A rotary PIN entry scheme resilient to shoulder-surfing
Author :
Peipei Shi ; Bo Zhu ; Youssef, A.
Author_Institution :
Concordia Inst. for Inf. Syst. Eng., Concordia Univ., Montreal, QC, Canada
Abstract :
The combination of tokens or cards and personal identification numbers (PINs) are widely used for authentication in many applications including automatic teller machines (ATMs) and point of sales (POSs). Recent security incidents have shown that criminals can get these authentication tokens or cards either by pickpocketing or through fake magnetic card readers. Furthermore, PINs may also be captured through shoulder-surfing or by the use of concealed miniature cameras. Upon obtaining both authentication factors, criminals can easily break into users´ accounts which presents a high security risk. In this paper, we propose a new spinwheel-like PIN entry scheme which is resilient against shoulder-surfing attacks even if the shoulder-surfer can record the entire PIN entry procedure for one time with a video device. This scheme has two variants, both of which achieve a good balance between security and usability.
Keywords :
security of data; automatic teller machines; fake magnetic card readers; personal identification numbers; point of sales; rotary PIN entry scheme resilient; shoulder-surfing attacks; spinwheel-like PIN entry scheme; Authentication; Biometrics; Cameras; Marketing and sales; Pins; Protection; Protocols; Resilience; Security; Usability;
Conference_Titel :
Internet Technology and Secured Transactions, 2009. ICITST 2009. International Conference for
Conference_Location :
London
Print_ISBN :
978-1-4244-5647-5
DOI :
10.1109/ICITST.2009.5402625
