A PIN-entry method resilient against shoulder surfing

Magnetic stripe cards are in common use for electronic payments and cash withdrawal. Reported incidents document that criminals easily pickpocket cards or skim them by swiping them through additional card readers. Personal identification numbers (PINs) are obtained by shoulder surfing, through the use of mirrors or concealed miniature cameras. Together, the PIN and the card are generally sufficient to give the criminal full access to the victim's account. In this paper, we present alternative PIN entry methods, which we refer to as cognitive trapdoor games. These methods make it significantly harder for a criminal to obtain PINs even if he fully observes the entire input and output of a PIN entry procedure. We also introduce the idea of probabilistic cognitive trapdoor games, which offer resilience to shoulder surfing even if the criminal records a PIN entry procedure with a camera. We studied the security as well as the usability of our methods and present the results in this paper.
