
1 Enhancing PIN Entry Security against Shoulder-Surfing Attacks. Amir Tayyebi Moghaddam, Master of Industrial Design Candidate 2013. Primary Advisor: Dr. Young Mi Choi, Assistant Professor, School of Industrial Design, College of Architecture, Georgia Institute of Technology

2 DESIGN OPPORTUNITY Personal Identification Numbers (PINs) are widely used to authenticate users. However, PIN entry methods via keyboards, keypads and the like are still vulnerable to observation attacks and shoulder surfing (V. Roth, K. Richter, and R. Freidinger, 2004). Do you know? According to the Identity Fraud Industry Report, identity fraud increased by 13 percent in 2011. This means that more than 11.6 million adults became victims of identity fraud in the United States (Lynn Langton, Michael Planty, 2010). The Bureau of Justice Statistics reported that in 2008, 34% of identity theft happened during a purchase or other transaction (Javelin Strategy, 2012). The Identity Theft Assistance Center found that senior citizens aged 65 and older are the most significant victims who reported identity theft (Anne Wallace, 2012).

3 BACKGROUND Personal Identification Numbers (PINs) are widely used as a way of authorizing and authenticating the user to the machine. When withdrawing money from an automated teller machine (ATM), authorizing Point of Sale (POS) devices, locking and unlocking digital handheld devices such as mobile phones and personal digital assistants (PDAs), or authorizing customer service to access your profile data during a phone call, PINs are required to authenticate the user. Technically, the user validates themselves to the machine by entering a four-digit PIN through a PIN pad with three-by-four keys, and the data center then verifies whether the entered PIN is correct. However, any prying eyes that can observe the PIN pad within their field of view may obtain the PIN that the authenticating user enters and use that information to impersonate the legitimate prover. This particular attack is commonly known as shoulder surfing. In fact, acquiring the PIN is the main goal of shoulder-surfing attacks. Normally, shoulder surfing is associated with real-time observation with the unaided eye and mirrors, or with a concealed miniature camera. In most cases, the PIN alone is sufficient to give the criminal full access to the victim’s account (Volker Roth, Kai Richter, 2005).

4 RELATED WORK Graphical Password or Graphical User Authentication Gaze-Based Password Authentication through Audio and Haptic PIN Entry Methods Cognitive Trapdoor Games

5 POPULATION The study population consists of all adults aged 65 and over (senior citizens) in the United States. 41,385,026 (13 percent of the total population): the number of people who were 65 and older in the United States on April 1, 2010.

6 METHODOLOGY
Phase 1 – Evaluation of existing PIN entry methods. Quantitative data collection: obtaining relevant data through surveys with closed-ended questions. Qualitative data collection: observing and recording well-defined events; conducting an in-depth interview with open-ended questions.
Phase 2 – Design and prototyping.
Phase 3 – Usability testing. Creating a scenario of a real situation. Sampling: recruiting participants from the target group.
Phase 4 – User feedback analysis. Design development; usability testing.

7 References
Lynn Langton, Michael Planty. Victims of Identity Theft, 2008. Bureau of Justice Statistics. 2010.
Volker Roth, Kai Richter. How to fend off shoulder surfing. Elsevier Publishers. 2005.
Javelin Strategy. (2012). 2012 Identity Fraud Industry Report. Retrieved 09/24/2012, from https://www.javelinstrategy.com/brochure
V. Roth, K. Richter, and R. Freidinger. A pin-entry method resilient against shoulder surfing. In Proc. of 11th ACM Conference on Computer and Communication Security (CCS 2004), pages 236–245, Washington DC, USA, October 2004. ACM Press.
F. Tari, A. Ozok, and S. Holden. A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords. In SOUPS. ACM, 2006.
Department of Defense Computer Security Center, "Department of Defense Password Management Guideline," Department of Defense, Washington, DC, CSC-STD-002-85, April 12, 1985.
J. Yan, A. Blackwell, R. Anderson, and A. Grant, "Password Memorability and Security: Empirical Results," IEEE Privacy & Security, vol. 2, pp. 25-31, 2004.
D. Nelson, V. Reed, and J. Walling. Pictorial superiority effect. Journal of Experimental Psychology: Human Learning and Memory, 2(5), 1976.
S. Komanduri and D. Hutchings. Order and entropy in picture passwords. In GI. ACM, 2008.
Alain Forget, Sonia Chiasson, and Robert Biddle. Shoulder-Surfing Resistance with Eye-Gaze Entry in Cued-Recall Graphical Passwords. ACM, 2010.
D. Weinshall. Cognitive authentication schemes safe against spyware (short paper). In Proc. of the 2006 IEEE Symposium on Security and Privacy (S&P 2006), pages 295–300, Berkeley/Oakland, California, USA, May 2006. IEEE Computer Society.
P. Golle and D. Wagner. Cryptanalysis of a cognitive authentication scheme (extended abstract). In Proc. of the 2007 IEEE Symposium on Security and Privacy (S&P 2007), pages 66–70, Oakland, California, USA, May 2007. IEEE Computer Society.
PassFace. Real User’s Cognometric Solution. Retrieved 09/24/2012, 2003 from http://csrc.nist.gov/archive

