• Title/Summary/Keyword: Secure keypad

검색결과 14건 처리시간 0.021초

Secure Keypad with Encrypted Input Message (입력 메시지 암호화를 통한 보안 키패드의 설계와 구현)

  • Seo, Hwa-Jeong;Kim, Ho-Won
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • 제18권12호
    • /
    • pp.2899-2910
    • /
    • 2014
  • In this paper, we present method that verifies the validity of inputted message rather than showing last character on virtual keyboard. This encrypts password and valid input only can receive right feedback. This is implemented on Android phone and tested. This shows higher security than former method by 68.23% and accuracy shows 100%. This secure keypad is practical and secure so this can replace current input keypad without difficulty.

Implementation of Secure Keypads based on Tetris-Form Protection for Touch Position in the Fintech (핀테크에서 터치 위치 차단을 위한 테트리스 모양의 보안 키패드의 구현)

  • Mun, Hyung-Jin;Kang, Sin-Young;Shin, ChwaCheol
    • Journal of Convergence for Information Technology
    • /
    • 제10권8호
    • /
    • pp.144-151
    • /
    • 2020
  • User-authentication process is necessary in Fintech Service. Especially, authentication on smartphones are carried out through PIN which is inputted through virtual keypads on touch screen. Attacker can analogize password by watching touched letter and position over the shoulder or using high definition cameras. To prevent password spill, various research of virtual keypad techniques are ongoing. It is hard to design secure keypad which assures safety by fluctuative keypad and enhance convenience at once. Also, to reconfirm user whether password is wrongly pressed, the inputted information is shown on screen. This makes the password easily exposed through high definition cameras or Google Class during recording. This research analyzed QWERTY based secure keypad's merits and demerits. And through these features, creating Tetris shaped keypad and piece them together on Android environment, and showing inputted words as Tetris shape to users through smart-screen is suggested for the ways to prevent password spill by recording.

Password Guessing Attack Resistant Circular Keypad for Smart Devices (패스워드 추정 공격에 강인한 스마트 기기용 순환식 키패드)

  • Tak, Dongkil;Choi, Dongmin
    • Journal of Korea Multimedia Society
    • /
    • 제19권8호
    • /
    • pp.1395-1403
    • /
    • 2016
  • In recent years, researches of security threats reported that various types of social engineering attack were frequently observed. In this paper, we propose secure keypad scheme for mobile devices. In our scheme, every edge of keypad is linked each other, and it looks like a sphere. With this keypad, users input their password using pre-selected grid pointer. Because of circulation of the keypad layout, even though the attacker snatch the user password typing motion through the human eyes or motion capture devices, attacker do not estimate the original password. Moreover, without the information of grid pointer position, the attacker do not acquire original password. Therefore, our scheme is resistant to password guessing attack.

An Adaptive matrix-based Secure Keypad designed for Rollable and Bendable Display Environments (롤러블 및 벤더블 디스플레이 환경에 적합한 가변행렬 기반 보안 키패드)

  • Dong-Min Choi
    • Journal of Industrial Convergence
    • /
    • 제22권2호
    • /
    • pp.63-71
    • /
    • 2024
  • Conventional methods like PIN used in conventional smartphone form factor have not considered the variation in display structure or screen size. As a result, when applied to recent variable display-based smartphones, the secret information input unit may get reduced or enlarged, leading to vulnerabilities for social engineering attacks due to deformation of the display area. This study proposes a secure keypad that responds to changes in display size in rollable and bendable smart phones. Firstly, the security problems that may arise when applying classical authentication methods to new form factors were analyzed, and corresponding security requirements were derived. The proposed security keypad addresses the key input error problem that can occur when the screen size is small. The arrangement and size of keys can be deformed with the spacing suitable for input depending on the display size of rollable and bendable smartphones. The study also considered the problem of leaking input information for social engineering attacks by irregularly distributing key input coordinates. The proposed method provides better user experience and security than existing methods and can be used in smartphones of various sizes and shapes.

Research on Secure Keypads for Mobile Devices with Stretchable Displays (스트레처블 디스플레이가 적용된 모바일 기기의 보안 키패드 연구)

  • Dongmin Choi
    • The Journal of the Convergence on Culture Technology
    • /
    • 제10권3호
    • /
    • pp.885-890
    • /
    • 2024
  • This study proposes a secure keypad structure that can adapt to screen changes in mobile devices equipped with stretchable display. For this purpose, we compared and analyzed the authentication methods applied to current rigid form factor smartphones with those applied to rollable and bendable display based smartphones, which are the previous stages of stretchable display. Based on the results of this analysis, we identified potential user convenience and security safety issues that may arise in the form factor structure for smart wallets, multitasking, screen expansion and media viewing, and gaming and entertainment applications where stretchable displays will be applied, then proposed a security keypad structure for these form factors. Our keypad structure provides enhanced user convenience and security compared to the structures applied in the smartphone environment based on the conventional rigid display form factor and rollable, bendable display form factor.

Design for Position Protection Secure Keypads based on Double-Touch using Grouping in the Fintech (핀테크 환경에서 그룹핑을 이용한 이중 터치 기반의 위치 차단이 가능한 보안 키패드 설계)

  • Mun, Hyung-Jin
    • Journal of Convergence for Information Technology
    • /
    • 제12권3호
    • /
    • pp.38-45
    • /
    • 2022
  • Due to the development of fintech technology, financial transactions using smart phones are being activated. The password for user authentication during financial transactions is entered through the virtual keypad displayed on the screen of the smart phone. When the password is entered, the attacker can find out the password by capturing it with a high-resolution camera or spying over the shoulder. A virtual keypad with security applied to prevent such an attack is difficult to input on a small touch-screen, and there is still a vulnerability in peeping attacks. In this paper, the entire keypad is divided into several groups and displayed on a small screen, touching the group to which the character to be input belongs, and then touching the corresponding character within the group. The proposed method selects the group to which the character to be input belongs, and displays the keypad in the group on a small screen with no more than 10 keypads, so that the size of the keypad can be enlarged more than twice compared to the existing method, and the location is randomly placed, hence location of the touch attacks can be blocked.

Proposal and Implementation of Security Keypad with Dual Touch (이중 터치를 이용한 보안 키패드 제안 및 구현)

  • Song, Jinseok;Jung, Myung-Woo;Choi, Jung-In;Seo, Seung-Hyun
    • KIPS Transactions on Computer and Communication Systems
    • /
    • 제7권3호
    • /
    • pp.73-80
    • /
    • 2018
  • Due to the popularity of smartphones and the simplification of financial services, the number of mobile financial services is increasing. However, the security keypads developed for existing financial services are susceptible to probability analysis attacks and have security vulnerabilities. In this paper, we propose and implement a security keypad based on dual touch. Prior to the proposal, we examined the existing types of security keypads used in the mobile banking and mobile payment systems of Korean mobile financial businesses and analyzed the vulnerabilities. In addition, we compared the security of the proposed dual touch keypad as well as existing keypads using the authentication framework and the existing keypad attack types (Brute Force Attack, Smudge Attack, Key Logging Attack, and Shoulder Surfing Attack, Joseph Bonneau). Based on the results, we can confirm that the proposed security keypad with dual touch presented in this paper shows a high level of security. The security keypad with dual touch can provide more secure financial services, and it can be applied to other mobile services to enhance their security.

Design of Security Keypad Against Key Stroke Inference Attack (입력 위치 유추 방지를 위한 보안 키패드의 설계)

  • Seo, Hwajeong;Kim, Howon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • 제26권1호
    • /
    • pp.41-47
    • /
    • 2016
  • In Black hat USA 2014, a hacking method to infer the password entry of smartphone or smartpad with google glass in distance is presented. In this paper, we design the secure keypad to protect the key stroke inference attacks with google glass which has unique layout ensuring same input entry but different input value.

An Analysis on the Vulnerability of Secure Keypads for Mobile Devices (모바일 기기를 위한 보안 키패드의 취약점 분석)

  • Lee, Yunho
    • Journal of Internet Computing and Services
    • /
    • 제14권3호
    • /
    • pp.15-21
    • /
    • 2013
  • Due to the widespread propagation of mobile platforms such as smartphones and tablets, financial and e-commercial transactions based on these mobile platforms are growing rapidly. Unlike PCs, almost all mobile platforms do not provide physical keyboards or mice but provide virtual keypads using touchscreens. For this reason, an attacker attempts to obtain the coordinates of touches on the virtual keypad in order to get actual key values. To tackle this vulnerability, financial applications for mobile platforms use secure keypads, which change position of each key displayed on the virtual keypad. However, these secure keypads cannot protect users' private information more securely than the virtual keypads because each key has only 2 or 3 positions and moreover its probability distribution is not uniform. In this paper, we analyze secure keypads used by the most financial mobile applications, point out the limitation of the previous research, and then propose a more general and accurate attack method on the secure keypads.

Design of an Enhanced Group Keypad to Prevent Shoulder-Surfing Attacks and Enable User Convenience (어깨 너머 공격을 차단하고 사용 편의성이 가능한 개선된 그룹 키패드 설계)

  • Hyung-Jin Mun
    • Journal of Practical Engineering Education
    • /
    • 제15권3호
    • /
    • pp.641-647
    • /
    • 2023
  • In the fintech environment, ensuring secure financial transactions with smartphones requires authenticating the device owner. Smartphone authentication techniques encompass a variety of approaches, such as passwords, biometrics, SMS authentication, and more. Among these, password-based authentication is commonly used and highly convenient for user authentication. Although it is a simple authentication mechanism, it is susceptible to eavesdropping and keylogging attacks, alongside other threats. Security keypads have been proposed to address vulnerabilities in password input on smartphones. One such innovation is a group keypad, resistant to attacks that guess characters based on touch location. However, improvements are needed for user convenience. In this study, we aim to propose a method that enhances convenience while being resistant to eavesdropping and recording attacks on the existing group keypad. The proposed method uses new signs to allow users to verify instead of the last character confirmation easily and employs dragging-to-touch for blocking recording attacks. We suggest diverse positioning methods tailored for domestic users, improving efficiency and security in password input compared to existing methods.