Abstract
The PIN that is widely used for various services in mobile devices is highly vulnerable to attacks such as shoulder surfing. Various schemes have been proposed to solve this vulnerability of the PIN. However, despite the enhanced security of existing schemes, usability such as authentication time and error rate has decreased. In this paper, we propose a new scheme called PassWindow that allows enter a PIN securely through a window moving on the virtual keypad. PassWindow provides improved usability in the mobile devices and prevents shoulder-surfing attacks at the same time. We also propose an input method using multimodal sensors. This method strengthens the security against recording attacks and touch logger attacks.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Schaub, F., Deyhle, R., Weber, M.: Password Entry Usability and Shoulder Surfing Susceptibility on Different Smartphone Platforms. In: 11th International Conference on Mobile and Ubiquitous Multimedia, pp. 1–10 (2012)
Sasse, M.A., Brostoff, S., Weirich, D.: Transforming the ‘weakest link’― a Human/Computer Interaction Approach to Usable and Effective Security. BT Technology Journal 19(3), 122–131 (2001)
Payne, B.D., Edwards, W.K.: A Brief Introduction to Usable Security. IEEE Internet Computing 12(3), 13–21 (2008)
Passfaces, http://www.realuser.com
Park, S.B.: A Method for Preventing Input Information from Exposing to Observers. 10-2004-0039209, Korea (2004)
Roth, V., Richter, K., Freidinger, R.: A PIN-entry Method Resilient against Shoulder Surfing. In: 11th ACM Conference on Computer and Communications Security, pp. 236–245 (2004)
Luca, A.D., Hertzschuch, K., Hussmann, H.: ColorPIN: Securing PIN Entry through Indirect Input. In: 28th International Conference on Human Factors in Computing Systems, pp. 1103–1106 (2010)
Tari, F., Ozok, A.A., Holden, S.H.: A Comparison of Perceived and Real Shoulder-surfing Risks between Alphanumeric and Graphical Passwords. In: 2nd Symposium on Usable Privacy and Security, pp. 56–66 (2006)
Shi, P., Zhu, B., Youssef, A.: A PIN Entry Scheme Resistant to Recording-based Shoulder-surfing. In: 3th International Conference on Emerging Security Information, Systems and Technologies, pp. 237–241 (2009)
Cai, L., Chen, H.: TouchLogger: Inferring Keystrokes on Touch Screen from Smartphone Motion. In: 6th USENIX Workshop on Hot Topics in Security, p. 9 (2011)
Damopoulos, D., Kambourakis, G., Gritzalis, S.: From Keyloggers to Touchloggers: Take the Rough with the Smooth. Computers & Security 32, 102–114 (2013)
Yi, J.H., Ma, G., Yi, H., Kim, S.: Method and Apparatus for Authenticating Password of User Device. 10-1175042, Korea (2012)
Yi, J.H., Yi, H., Piao, Y., Kim, T.: Method and Apparatus for Authenticating Password using Sensing Information. 10-2012-0103897, Korea (2012)
CogTool, http://cogtool.hcii.cs.cmu.edu/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yi, H., Piao, Y., Yi, J.H. (2014). Touch Logger Resistant Mobile Authentication Scheme Using Multimodal Sensors. In: Jeong, H., S. Obaidat, M., Yen, N., Park, J. (eds) Advances in Computer Science and its Applications. Lecture Notes in Electrical Engineering, vol 279. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41674-3_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-41674-3_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41673-6
Online ISBN: 978-3-642-41674-3
eBook Packages: EngineeringEngineering (R0)