Browse > Article
http://dx.doi.org/10.22156/CS4SMB.2020.10.08.144

Implementation of Secure Keypads based on Tetris-Form Protection for Touch Position in the Fintech  

Mun, Hyung-Jin (Dept. of Information & Communication Engineering, Sungkyul University)
Kang, Sin-Young (Dept. of Computer Software, Hoseo University)
Shin, ChwaCheol (Dept. of Innovation & Convergence, Hoseo University)
Publication Information
Journal of Convergence for Information Technology / v.10, no.8, 2020 , pp. 144-151 More about this Journal
Abstract
User-authentication process is necessary in Fintech Service. Especially, authentication on smartphones are carried out through PIN which is inputted through virtual keypads on touch screen. Attacker can analogize password by watching touched letter and position over the shoulder or using high definition cameras. To prevent password spill, various research of virtual keypad techniques are ongoing. It is hard to design secure keypad which assures safety by fluctuative keypad and enhance convenience at once. Also, to reconfirm user whether password is wrongly pressed, the inputted information is shown on screen. This makes the password easily exposed through high definition cameras or Google Class during recording. This research analyzed QWERTY based secure keypad's merits and demerits. And through these features, creating Tetris shaped keypad and piece them together on Android environment, and showing inputted words as Tetris shape to users through smart-screen is suggested for the ways to prevent password spill by recording.
Keywords
Secure Keypads; Shoulder Surfing Attack; Authentication; Virtual Keypads; Tetris; Fintech Security;
Citations & Related Records
Times Cited By KSCI : 15  (Citation Analysis)
연도 인용수 순위
1 C. Nayak, M. Parhi & S. Ghosal.(2014). Robust virtual keyboard for online banking. International Journal of Computer Applications, 107(21), 36-38. DOI : 10.5120/19142-0530   DOI
2 K. H. Choi, K. Y. Chung & D. K. Shin (2016). A Study of Prevention Model the Spread of Phishing Attack for Protection the Medical Information. Journal of digital Convergence, 11(3), 273-277. DOI : 10.14400/JDPM.2013.11.3.273   DOI
3 B. S. Yu & S. H. Yun. (2011). The Design and Implementation of Messenger Authentication Protocol to Prevent Smartphone Phishing. Journal of the Korea Convergence Society, 2(4), 9-14. DOI : 10.15207/JKCS.2011.2.4.009   DOI
4 H. J. Seo & H. W. Kim. (2014). Secure Keypad with Encrypted Input Message. Journal of the Korea Institute of Information and Communication Engineering, 18(12), 2899-2910. DOI : 10.6109/jkiice.2014.18.12.2899   DOI
5 S. H. Kim, M. S. Park & S. J. Kim. (2014). Shoulder Surfing Attack Modeling and Security Analysis on Commercial Keypad Schemes. Journal of the Korea Institute of Information Security & Cryptology, 24(6), 1159-1174. DOI : 10.13089/JKIISC.2014.24.6.1159   DOI
6 D. R. Kim & K. H. Han. (2013). A Study on Multi-Media Contents Security using Smart Phone. Journal of digital Convergence, 11(11), 675-682. DOI : 10.14400/JDPM.2013.11.11.675   DOI
7 S. W. Choi & Y. J. Shin. (2015). Economy Effects of IT Industry on Financial and Insurance Services. Journal of digital Convergence, 13(1), 191-203. DOI : 10.14400/JDC.2015.13.1.191   DOI
8 D. R. Kim. (2015). A Study on the OTP Generation Algorithm for User Authentication. Journal of the Korea Convergence Society, 13(1), 283-288.
9 C. J. Chae, H. J. Cho & H.M. Jung. (2018). Authentication Method using Multiple Biometric Information in FIDO Environment. Journal of Digital Convergence, 16(1), 159-164. DOI : 10.14400/JDC.2018.16.1.159   DOI
10 S. H. Lee & D. W. Lee.(2015). FinTech-Conversions of Finance Industry based on ICT. Journal of the Korea Convergence Society, 6(3), 97-102. DOI : 10.15207/JKCS.2015.6.3.097   DOI
11 S. H. Hong, S. H. Park & Noe Lopez-Benitez (2017). Trends and Implications of Mobile and Online FinTech. International Journal of Emerging Multidisciplinary Research, 1(1), 43-47. DOI : 10.22662/IJEMR.2017.1.1.043.   DOI
12 Q. Yue, Z. Ling, X. Fu, B. Liu, W. Yu & W. Zhao. (2014). My google glass sees your passwords!. Proceedings of the Black Hat USA, https://www.blackhat.com/docs/us-14/materials/us-14-Fu-My-Google-Glass-Sees-Your-Passwords.pdf
13 Y. H. Lee. (2013). An Analysis on the Vulnerability of Secure Keypads for Mobile Devices. Journal of Korean Society for Internet Information, 14(3), 15-21.
14 H. J. Seo & H. W. Kim. (2016). Design of Security Keypad Against Key Stroke Inference Attack. Journal of the Korea Institute of Information Security & Cryptology, 26(1), 41-47. DOI : 10.13089/JKIISC.2016.26.1.41   DOI
15 Y. H. Lee. (2013). An Analysis on the Vulnerability of Secure Keypads for Mobile Devices. The Journal of Internet Computing and Services, 14(3), 15-21. DOI : 10.7472/jksii.2013.14.3.15   DOI
16 J. S. Song, M. W. Chung, S. H. Seo & S. H. Lee. (2015). Security vulnerability analysis of Simple Mobile Payments Services. The Korea Information Processing Society Fall Conference, 22(2), 817-820.
17 H. J. Mun. (2017). Virtual Keypads based on Tetris with Resistance for Attack using Location Information. Journal of the Korea Convergence Society, 8(6), 37-44. DOI : 10.15207/JKCS.2017.8.6.037   DOI
18 D. H. Lee, D. H. Bae, S. L Yoo, J. Y. Chae, Y. Lee & H. G. Yang. (2011). Analysis of safety in secure keypads for smartphone. REVIEW of The Korea Institute of Information Security and Cryptology, 21(7), 30-37. DOI : KIISC.2011.21.7.30.
19 D. Tak & D. Choi. (2016). Password Guessing Attack Resistant Circular Keypad for Smart Devices. Journal of Korea Multimedia Society, 19(8), 1395-1403. DOI : 10.9717/kmms.2016.19.8.1395   DOI
20 W.G. Pak, S. Yeo & Y.R. Cha. (2015). A Secure Virtual Keypad for Mobile devices. Proceeding of KOREA INFORMATION SCIENCE SOCIETY, 875-876.
21 J. Song, M. Jung, J. Choi & S. Seo. (2018). Proposal and Implementation of Security Keypad with Dual Touch. KIPS Transactions on Computer and Communication Systems, 7(3), 73-80. DOI : 10.3745/KTCCS.2018.7.3.73   DOI
22 Y. M. Kang, Y. G. Lee, H. J. Kwon, K. S. Han & H. S. Chung. (2016). A Study on the Information Security System of Fin-Tech Business. Journal of IT Convergence Society for SMB, 6(2), 19-24.   DOI
23 H. J. Kim, H. J. Seo, Y. C. Lee, T. H. Park & H.W. Kim(2013). Implementation of virtual finace keypads with resistance for shoulder surfing attack. REVIEW The Korea Institute of Information Security and Cryptology(KIISC), 23(6), 21-29. DOI : KIISC.2013.23.6.21.
24 K. An, H. Kwon, Y. Kwon & H. Seo.(2019). Security Implementation using Flexible Keypad. Journal of the Korea Institute of Information and Communication Engineering, 23(5), 613-621. DOI : 10.6109/JKIICE.2019.23.5.613   DOI
25 H. J. Mun & K. H. Han. (2018). Tetris security keypads design with higher security using alignment and padding. International Journal of Engineering & Technology, 7(2.33), 11-14. DOI : 10.14419/ijet.v7i2.33.13838