Abstract
Authentication in public spaces is inherently exposed to observation attacks in which passwords are stolen by the simple act of watching the data input process. Addressing this issue are systems that secure authentication input via PINs or passwords that rely on sets of relatively unobservable tactile or audio cues. However, although secure, such systems typically invoke high levels of cognitive load in their users which is instantiated in lengthy authentication times and high error rates and most likely due to significant cognitive demands in terms of processing, mapping or recalling non visual information. To address this issue this paper introduces Spinlock, a novel authentication technique based on repeated presentation, recognition and enumeration of a single, simple invisible cue (audio or haptic), rather than a set of structured stimuli. This approach maintains the security but avoids the complexity of previous systems. A prototype illustrating this concept is described as well as a study comparing modalities and gauging overall levels of performance, usability and security. The results show that authentication with Spinlock is faster and less error prone than previous non-visual systems, while maintaining a similar security level. Limitations and future work are discussed.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Giesen, L.: ATM fraud: Does it warrant the expense to fight it? Banking Strategies 82(6) (2006)
De Luca, A., Langheinrich, M., Hussmann, H.: Towards understanding ATM security: a field study of real world ATM use. In: Proceedings SOUPS 2010 (2010)
Bianchi, A., Oakley, I., Kwon, D.S.: The Secure Haptic Keypad: Design and Evaluation of a Tactile Password System. In: CHI 2010, pp. 1089–1092. ACM, New York (2010)
Sasamoto, H., Christin, N., Hayashi, E.: Undercover: authentication usable in front of prying eyes. In: Procs of CHI 2008, pp. 183–192. ACM, New York (2008)
Brewster, S.A., Brown, L.M.: Non-visual information display using tactons. In: Procs of CHI 2004 Extended Abstracts, pp. 787–788 (2004)
Malek, B., Orozco, M., Saddik, A.: Novel shoulder- surfing resistant haptic-based graphical password. In: Proceedings of EuroHaptics (2006)
De Luca, A., von Zezschwitz, E., Hußmann, H.: Vibrapass: secure authentication based on shared lies. In: Procs. of CHI 2009, pp. 913–916. ACM, New York (2009)
Bianchi, A., Oakley, I., Lee, J., Kwon, D.: The haptic wheel: design & evaluation of a tactile password system. In: Proceedings of CHI 2010, pp. 3625–3630. ACM, New York (2010)
Bianchi, A., Oakley, I., Kostakos, V., Kwon, D.: The Phone Lock: Audio and Haptic shoulder-surfing resistant PIN entry methods. In: Proc. of ACM TEI 2011. ACM, New York (2011)
Kuber, R., Yu, W.: Feasibility study of tactile-based authentication. International Journal of Human-Computer Studies 68(3), 158–181 (2010)
Brown, L.M., Brewster, S.A., Purchase, H.C.: Purchase, Multidimensional tactons for non-visual information presentation in mobile devices. In: Proc. of MobileHCI 2006, pp. 231–238 (2006)
Garcia-Salicetti, S., Beumier, C., Chollet, G., Dorizzi, B., Jardins, J., Lunter, J., Ni, Y., Petrovska-Delacrétaz, D.: BIOMET: A Multimodal Person Authentication Database Including Face, Voice, Fingerprint, Hand and Signature Modalities. In: Kittler, J., Nixon, M.S. (eds.) AVBPA 2003. LNCS, vol. 2688, pp. 845–853. Springer, Heidelberg (2003)
Faraj, M.I., Bigun, J.: Audio-visual person authentication using lip-motion from orientation maps. Pattern Recognition Letters 28(11), 1368–1382 (2007)
SHAKE SK6, http://code.google.com/p/shake-drivers
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bianchi, A., Oakley, I., Kwon, D.S. (2011). Spinlock: A Single-Cue Haptic and Audio PIN Input Technique for Authentication. In: Cooper, E.W., Kryssanov, V.V., Ogawa, H., Brewster, S. (eds) Haptic and Audio Interaction Design. HAID 2011. Lecture Notes in Computer Science, vol 6851. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22950-3_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-22950-3_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22949-7
Online ISBN: 978-3-642-22950-3
eBook Packages: Computer ScienceComputer Science (R0)