Name
Title | ||
|---|---|---|
Assessing the vulnerability of magnetic gestural authentication to video-based shoulder surfing attacks |
Abstract | ||
|---|---|---|
Secure user authentication on mobile phones is crucial, as they store highly sensitive information. Common approaches to authenticate a user on a mobile phone are based either on entering a PIN, a password, or drawing a pattern. However, these authentication methods are vulnerable to the shoulder surfing attack. The risk of this attack has increased since means for recording high-resolution videos are cheaply and widely accessible. If the attacker can videotape the authentication process, PINs, passwords, and patterns do not even provide the most basic level of security. In this project, we assessed the vulnerability of a magnetic gestural authentication method to the video-based shoulder surfing attack. We chose a scenario that is favourable to the attack-er. In a real world environment, we videotaped the interactions of four users performing magnetic signatures on a phone, in the presence of HD cameras from four different angles. We then recruited 22 participants and asked them to watch the videos and try to forge the signatures. The results revealed that with a certain threshold, i.e, th=1.67, none of the forging attacks was successful, whereas at this level all eligible login attempts were successfully recognized. The qualitative feedback also indicated that users found the magnetic gestural signature authentication method to be more secure than PIN-based and 2D signature methods. |
Year | DOI | Venue |
|---|---|---|
2012 | 10.1145/2207676.2208352 | CHI |
Keywords | Field | DocType |
basic level,authentication method,magnetic gestural authentication method,authentication process,secure user authentication,mobile phone,magnetic gestural signature authentication,signature method,video-based shoulder,magnetic signature,authentication,magnet,signature,high resolution | Chip Authentication Program,Authentication,Challenge–response authentication,Computer science,Computer security,Login,Human–computer interaction,Authentication protocol,Password,Mobile phone,Shoulder surfing | Conference |
Citations | PageRank | References |
14 | 0.72 | 11 |
Authors | ||
4 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Alireza Sahami Shirazi | 1 | 728 | 42.82 |
| Peyman Moghadam | 2 | 165 | 12.92 |
| Hamed Ketabdar | 3 | 245 | 19.97 |
| Albrecht Schmidt | 4 | 6495 | 696.81 |