Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2011.18C.2.071

Advanced Password Input Method in Automated Teller Machines/Cash Dispenser  

Kim, Tae-Hee (동신대학교 디지털콘텐츠학과)
Park, Seung-Bae ((주)신비테크)
Kang, Moon-Seol (광주대학교 컴퓨터공학과)
Publication Information
The KIPS Transactions:PartC / v.18C, no.2, 2011 , pp. 71-78 More about this Journal
Abstract
Financial accidents such as password exposure of credit cards or bankbooks occur often when a password is inputted to ATM/CD(Automated Teller Machines and Cash Dispenser), so particular attention is required when inputting a password. This study suggested a method to input a password safely to prevent stealing a glance at a password in case of the use of ATM/CD. The method is that users input a password when numbers are randomly displayed and disappear not to notice the password even though someone is next to or behind the users. As methods to input a password safely, the study verified safety by dividing the methods into a test of shoulder surfing, an intuitive perspective, and a theoretical analysis. In addition, the result of implementation to apply the method to ATM/CD shows that a percentage of acquiring a password from the attack of shoulder surfing is found to be lower than an existing method, so password exposure can be prevented.
Keywords
Shoulder Surfing; Password Exposure; ATM(Automated Teller Machines); CD(Cash Dispenser); Financial Accidents; DAS(Dynamic Authentication system);
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Edward K. Vogel & Maro G. Machizawa, "Neural activity predicts individual differences in visual working memory capacity", Nature, Vol.428, pp.748-751, 2004.   DOI   ScienceOn
2 INCA Internt Co., Ltd., P-Protect, http://www.inca.co.kr/include_file/pdf_down /A-P-Protect.pdf.
3 금융보안연구원, '○○은행 A-DAS' 금융보안적합성 시험 검토 보고서, 금융보안연구원(FSA : Financial Security Agency, http://www.fsa.or.kr), pp.1-10, 2008.
4 S.B. Park, M.S. Kang, Secure Password System against Imposter, The KIPS Transactions : Part C, Vol.10-C, No.2, pp.141-144, 2003.   과학기술학회마을   DOI   ScienceOn
5 S.B. Park, M.S. Kang, and S.J. Lee, "Authenticated key exchange protocol secure against off-line dictionary attack and server compromise", Lecture Notes in Computer Science, Vol.3032, pp.924-931, 2004.   DOI   ScienceOn
6 Sorinamoo Solution, "Secure method for generating one time password and interpreting one time password", Korean Intellectual Property Office, 2007. 01
7 Nebojsa Jojic and Paul Roberts, "image based password systems", http://research.microsoft.com/en-us/um/people/darkok/projectssyscli.htm.
8 D. Kirovski, N. Jojic, and P. Roberts. "Click Passwords", 21st IFIP International Information Security Conference, pp.351-363, 2006.
9 RealUser, "Passfaces: Two Factor Authentication, Graphical Password", http://www.realuser.com/index.htm.
10 Manu Kumar, Tal Garfinkel, Dan Boneh, Terry Winograd, "Reducing Shoulder-surfing by Using Gaze-based Password Entry", Proceedings of the 3rd symposium on Usable Privacy and Security(SOUPS 2007), pp.13-19, 2007.
11 Financial Supervisory Service, "UK Internet banking-related fraud increased", Information of Financial Supervisory Service, No.396, pp.43-44, Nov., 2006.
12 BeOnePlus Co., Ltd, RhythmPass & ChamID, http://www.beone.co.kr/.
13 Nemeth, Garth Snyder, and Trent R. Hein, "Linux Administration Handbook(2nd Edition)", Prentice Hall PTR, 2006.
14 M.S. Kang, Y.I, Kim, Design and Implementation of Pinpad using Secure Technology from Shoulder Surfing Attack, The KIPS Transactions : Part D, Vol.17-D, No.2, pp.167-174, 2010.   과학기술학회마을   DOI   ScienceOn
15 Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone, "Applied Cryptography", CRC Press, 1997.
16 Li, Zhi., Sun, Qibin., Lian, Yong., Giusto, D.D., "An Association-Based Graphical Password Design Resistant to Shoulder-Surfing Attack", 2005 IEEE International Conference on Multimedia and Expo(ICME-05), pp.245-248, 2005.   DOI
17 Lei, M., Xiao, Y., Vrbsky, S.V., "Virtual password using random linear functions for on-line services, ATM machines, and pervasive computing", Computer communications, Vol.31 No.18, pp.4367-4375, 2008.   DOI   ScienceOn