Communications of the ACM
A PIN-entry method resilient against shoulder surfing
Proceedings of the 11th ACM conference on Computer and communications security
Spy-resistant keyboard: more secure password entry on public touch screen displays
OZCHI '05 Proceedings of the 17th Australia conference on Computer-Human Interaction: Citizens Online: Considerations for Today and the Future
Design and evaluation of a shoulder-surfing resistant graphical password scheme
Proceedings of the working conference on Advanced visual interfaces
Pictures at the ATM: exploring the usability of multiple graphical passwords
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Undercover: authentication usable in front of prying eyes
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Use Your Illusion: secure authentication usable anywhere
Proceedings of the 4th symposium on Usable privacy and security
Authentication on public terminals with private devices
Proceedings of the fifth international conference on Tangible, embedded, and embodied interaction
Obfuscating authentication through haptics, sound and light
CHI '11 Extended Abstracts on Human Factors in Computing Systems
A simple modeling method for mobile password schemes and its analysis
Proceedings of the 9th International Conference on Advances in Mobile Computing and Multimedia
Counting clicks and beeps: Exploring numerosity based haptic and audio PIN entry
Interacting with Computers
WYSWYE: shoulder surfing defense for recognition based graphical passwords
Proceedings of the 24th Australian Computer-Human Interaction Conference
Extended PIN Authentication Scheme Allowing Multi-Touch Key Input
Proceedings of International Conference on Advances in Mobile Computing & Multimedia
Hi-index | 0.01 |
Automated teller machine (ATM) frauds are increasing drastically these days. When analyzing the most common attacks and the reasons for successful frauds, it becomes apparent that the main problem lies in the PIN based authentication which in itself does not provide any security features (besides the use of asterisks). That is, security is solely based on a user's behavior. Indirect input is one way to solve this problem. This mostly comes at the costs of adding overhead to the input process. We present ColorPIN, an authentication mechanism that uses indirect input to provide security enhanced PIN entry. At the same time, ColorPIN remains a one-to-one relationship between the length of the PIN and the required number of clicks. A user study showed that ColorPIN is significantly more secure than standard PIN entry while enabling good authentication speed in comparison with related systems.