Browse > Article
http://dx.doi.org/10.3745/KTCCS.2017.6.12.497

Technique for PIN Entry Using an Accelerometer Sensor and a Vibration Sensor on Smartphone  

Jung, Changhun (인하대학교 컴퓨터공학과)
Jang, RhongHo (인하대학교 컴퓨터공학과)
Nyang, DaeHun (인하대학교 컴퓨터공학과)
Lee, KyungHee (수원대학교 전기공학과)
Publication Information
KIPS Transactions on Computer and Communication Systems / v.6, no.12, 2017 , pp. 497-506 More about this Journal
Abstract
There have been previous researches about user authentication by analyzing the user's gait or behavior or action using the accelerometer sensor of smartphone, but there was a lack of user convenience to apply PIN entry. In this paper, we propose the technique for PIN entry without a touch on smartphone, the technique uses an accelerometer sensor and a vibration sensor built in the smartphone to enter the PIN. We conducted a usability experiment using the proposed technique and confirmed that the usability can be increased according to users become accustomed to this technique and that the users can enter PIN with 12.9 seconds and a probability of 100% on average. Also we conducted a security experiment and confirmed that an attack success rate is 0% when an attacker attacked the user using the recording attack and that it is more secure than the previous PIN entry technique. As a result, we was able to confirm that this technique can be used sufficiently.
Keywords
Authentication Protocol; PIN; Smartphone; Vibration; Accelerometer;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 C. Adams, "Personal Identification Number (PIN)," Encyclopedia of Cryptography and Security, pp.927, 2011.
2 S. B. Lee, "Simple Payment Market, still in Warring States period," Industry Report on Kyobo Securities Co., Ltd. Research Center, 2016.
3 A. Aviv, K. Gibson, E. Mossop, M. Blaze, and J. Smith, "Smudge Attacks on Smartphone Touch Screens," WOOT '10 Proceedings of the 4th USENIX Conference on Offensive Technologies, Washington, 2010.
4 F. Mohsen and M. Shehab, "Android Keylogging Threat," 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, Texas, 2013.
5 W. Goucher "Look behind you: the dangers of shoulder surfing," Computer Fraud & Security, Vol.2011, Iss.11, pp.17-20. 2011.   DOI
6 Q. Yue, Z. Ling, X. Fu, B. Liu, W. Yu, and W. Zhao, "My google glass sees your passwords!," in Proceedings of the Black Hat USA 2014, Las Vegas, 2014.
7 D. Gafurov, E. Snekkenes, and P. Bours, "Gait Authentication and Identification Using Wearable Accelerometer Sensor," 2007 IEEE Workshop on Automatic Identification Advanced Technologies, Alghero, 2007.
8 J. S. Seo and J. S. Moon, "A Study on User Authentication with Smartphone Accelerometer Sensor," Journal of the Korea Institute of Information Security & Cryptology, Vol.25, No.6, pp.1477-1484, 2015.   DOI
9 Y. K. Kim and J. S. Moon, "User Authentication Using Accelerometer Sensor in Wrist-Type Wearable Device," KIPS Transactions on Computer and Communication Systems, Vol.6, No.2, pp.67-74, 2017.   DOI
10 B. Shakirov, H. J. Kim, K. H. Lee, and D. H. Nyang, "Analysis on Vulnerability of Password Entry Using Virtual Onscreen Keyboard," Journal of the Korea Institute of Information Security & Cryptology, Vol.26, No.4, pp.857-869, 2016.   DOI
11 V. Roth, K. Richter, and R. Freidinger, "A PIN-Entry Method Resilient Against Shoulder Surfing," CCS '04 Proceedings of the 11th ACM conference on Computer and Communications Security, Washington, pp.236-245, 2004.
12 A. Bianchi, I. Oakley, V. Kostakos, and D. Kwon, "The phone lock: audio and haptic shoulder-surfing resistant PIN entry methods for mobile devices," TEI '11 Proceedings of the Fifth International Conference on Tangible, Embedded, and Embodied Interaction, Funchal, pp.197-200, 2011.