research-article

The secure haptic keypad: a tactile password system

Authors:
Andrea Bianchi

Korea Advanced Institute of Science and Technology, Daejeon, South Korea

Korea Advanced Institute of Science and Technology, Daejeon, South Korea
View Profile

,
Ian Oakley

Universidade da Madeira, Campus da Penteada, Funchal, Portugal

Universidade da Madeira, Campus da Penteada, Funchal, Portugal
View Profile

,
Dong Soo Kwon

Korea Advanced Institute of Science and Technology, Daejeon, South Korea

Korea Advanced Institute of Science and Technology, Daejeon, South Korea
View Profile

CHI '10: Proceedings of the SIGCHI Conference on Human Factors in Computing SystemsApril 2010Pages 1089–1092https://doi.org/10.1145/1753326.1753488

Published:10 April 2010Publication History

CHI '10: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

Pages 1089–1092

ABSTRACT

Authentication in public spaces poses significant security risks. Most significantly, passwords can be stolen, potentially leading to fraud. A common method to steal a PIN is through an observation attack, either using a camera or through direct observation (e.g. shoulder-surfing). This paper addresses this problem by presenting the design and implementation of a novel input keypad which uses tactile cues as means to compose a password. In this system, passwords are encoded as a sequence of randomized vibration patterns, making it visually impossible for an observer to detect which items are selected. An evaluation of this system shows it outperforms previous interfaces which have used tactile feedback to obfuscate passwords.

Supplemental Material

1753488.mp4

mp4

87.2 MB

Download

Available for Download

other

Slides from the presentation

mp3

1753488.mp3 (6.3 MB)

References

Blonder, G. E. Graphical passwords. United States Patent 5559961, 1996Google Scholar
Brewster, S. A. and Brown, L. M. Non-visual information display using tactons. In Ext Abs of CHI '04. ACM, NY, 2004, pp. 787--788. Google ScholarDigital Library
De Luca, A., von Zezschwitz, E., and Huβmann, H. 2009. Vibrapass: secure authentication based on shared lies. In Procs. of CHI '09. ACM, NY, pp. 913--916. Google ScholarDigital Library
Giesen, L. ATM fraud: Does it warrant the expense to fight it? Banking Strategies, 2006, vol. 82, issue 6.Google Scholar
Hart, S. G., & Staveland, L. E. Development of a multi-dimensional workload rating scale. In Human mental workload, 1988, 139--183. Elsevier.Google Scholar
Kumar, M., Garfinkel, T., Boneh, D., and Winograd, T. Reducing shoulder-surfing by using gaze-based pass-word entry. In Procs of the 3rd Symposium on Usable Privacy and Security (SOUPS '07), vol. 229. ACM, NY, 2007, pp. 13--19. Google ScholarDigital Library
Patel, S. N., Pierce, J. S., and Abowd, G. D. 2004. A gesture-based authentication scheme for untrusted public terminals. In Procs of UIST '04. ACM, NY. Google ScholarDigital Library
Roth, V., Richter, K., and Freidinger, R. A PIN-entry method resilient against shoulder surfing. In Procs of the 11th ACM Conference on Computer and Communications Security, (CCS '04). ACM, NY, 2004. Google ScholarDigital Library
Sasamoto, H., Christin, N., and Hayashi, E. Undercover: authentication usable in front of prying eyes. In Procs of CHI '08. ACM, New York, NY, 2008, pp. 183--192. Google ScholarDigital Library
Tan, D. S., Keyani, P., and Czerwinski, M. Spy-resistant keyboard: more secure password entry on public touch screen displays. In Procs of the 17th Australia Conference on Computer-Human interaction , pp. 1--10. Google ScholarDigital Library
Wickens, C. D. & Hollands, J. G. Engineering Psychology & Human Performance, 2000, Prentice Hall.Google Scholar

Index Terms

The secure haptic keypad: a tactile password system
1. Human-centered computing
  1. Human computer interaction (HCI)
    1. Interaction devices
      1. Haptic devices

Recommendations

The phone lock: audio and haptic shoulder-surfing resistant PIN entry methods for mobile devices
TEI '11: Proceedings of the fifth international conference on Tangible, embedded, and embodied interaction

Tangible user interfaces are portals to digital information. In the future, securing access to such material will be an important concern. This paper describes the design, implementation and evaluation of a PIN entry system based on audio or haptic cues ...
Read More
The haptic wheel: design & evaluation of a tactile password system
CHI EA '10: CHI '10 Extended Abstracts on Human Factors in Computing Systems

Authentication through passwords in public spaces (such as in ATMs) is susceptible to simple observation attacks, such as shoulder surfing, which can result in the password being compromised and ultimately the exposure of users to fraud and theft. ...
Read More
SafetyPIN: Secure PIN Entry Through Eye Tracking
Proceedings of the Third International Conference on Human Aspects of Information Security, Privacy, and Trust - Volume 9190

When a user enters a personal identification number PIN into an automated teller machine or a point of sale terminal, there is a risk of some one watching from behind, trying to guess the PIN code. Such shoulder-surfing is a major security threat. In ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CHI '10: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
April 2010
2690 pages
ISBN:9781605589299
DOI:10.1145/1753326
General Chair:
Elizabeth Mynatt
Georgia Institute of Technology
,
Program Chairs:
Geraldine Fitzpatrick
Vienna University of Technology
,
Scott Hudson
Carnegie Mellon University
,
Keith Edwards
Georgia Tech
,
Tom Rodden
University of Nottingham
Copyright © 2010 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 10 April 2010
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
pin entry
security
tactile ui
user study
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate6,199of26,314submissions,24%
Upcoming Conference
CHI '24

Sponsor:

sigchi

CHI Conference on Human Factors in Computing Systems

May 11 - 16, 2024

Honolulu , HI , USA
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 42
  Total Citations
  View Citations
- 1,650
  Total Downloads
- Downloads (Last 12 months)38
- Downloads (Last 6 weeks)7
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

The secure haptic keypad: a tactile password system

CHI '10: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

ABSTRACT

Supplemental Material

Available for Download

References

Cited By

Index Terms

Recommendations

The phone lock: audio and haptic shoulder-surfing resistant PIN entry methods for mobile devices

The haptic wheel: design & evaluation of a tactile password system

SafetyPIN: Secure PIN Entry Through Eye Tracking