CipherCard: A Token-based Approach against Camera-based Shoulder Surfing Attacks on Common Touchscreen Devices

Seyed, T., Yang, X.D., Tang, A., Greenberg, S., Gu, J., Zhu, B. and Cao, X. (2015)
CipherCard: A Token-based Approach against Camera-based Shoulder Surfing Attacks on Common Touchscreen Devices. In Proceedings of the 15th IFIP TC.13 International Conference on Human-Computer Interaction - Interact'2015. (Bamberg, Germany), Springer, 18 pages, September 14-18. Earlier version (including a video) available as Report 2014-1063-16.

View Publication and Related Materials

PDF Paper (2015-Ciphercard.Interact.pdf)

Abstract

We present CipherCard, a physical token that defends against shoulder-surfing attacks on user authentication on capacitive touchscreen devices. When CipherCard is placed over a touchscreen's pin-pad, it remaps a user's touch point on the physical token to a different location on the pin-pad. It hence translates a visible user password into a different system password received by a touchscreen, but is hidden from observers as well as the user. CipherCard enhances authentication security through Two-Factor Authentication (TFA), in that both the correct user password and a specific card are needed for successful authentication. We explore the design space of CipherCard, and describe three implemented variations each with unique capabilities. Based on user feedback, we discuss the security and usability implications of CipherCard, and describe several avenues for continued exploration.

Keywords

Shoulder-surfing attack, capacitive touchscreen, PIN, entry, security

Bibtex entry

@INPROCEEDINGS { 2015-Ciphercard.Interact,
CLASS = { CONFARTICLE },
AUTHOR = { Seyed, T. and Yang, X.D. and Tang, A. and Greenberg, S. and Gu, J. and Zhu, B. and Cao, X. },
TITLE = { CipherCard: A Token-based Approach against Camera-based Shoulder Surfing Attacks on Common Touchscreen Devices },
BOOKTITLE = { Proceedings of the 15th IFIP TC.13 International Conference on Human-Computer Interaction - Interact'2015 },
YEAR = { 2015 },
MONTH = { September 14-18 },
PAGES = { 18 pages },
PUBLISHER = { Springer },
ADDRESS = { Bamberg, Germany },
KEYWORDS = { Shoulder-surfing attack, capacitive touchscreen, PIN, entry, security },
NOTE = { Earlier version (including a video) available as Report 2014-1063-16 },
}