Color Pass: An intelligent user interface to resist shoulder surfing attack

Author

Chakraborty, Nilesh ; Mondal, Samrat

Author_Institution

Dept. of Comput. Sci. & Eng., Indian Inst. of Technol., Patna, Patna, India

fYear

2014

fDate

Feb. 28 2014-March 2 2014

Firstpage

13

Lastpage

18

Abstract

Classical PIN entry mechanism is widely used for authenticating a user. It is a popular scheme because it nicely balances the usability and security aspects of a system. However, if this scheme is to be used in a public system then the scheme may suffer from shoulder surfing attack. In this attack, an unauthorized user can fully or partially observe the login session. Even the activities of the login session can be recorded which the attacker can use it later to get the actual PIN. In this paper, we propose an intelligent user interface, known as Color Pass to resist the shoulder surfing attack so that any genuine user can enter the session PIN without disclosing the actual PIN. The Color Pass is based on a partially observable attacker model. The experimental analysis shows that the Color Pass interface is safe and easy to use even for novice users.

Keywords

authorisation; computer crime; message authentication; user interfaces; PIN entry mechanism; color pass; intelligent user interface; login session; partially observable attacker model; public system; security aspects; session PIN; shoulder surfing attack; unauthorized user; usability aspects; user authentication; Arrays; Authentication; Color; Resists; Usability; User interfaces; Color PIN; Partially Observable; Password; Shoulder Surfing Attack; User Interface;

fLanguage

English

Publisher

ieee

Conference_Titel

Students' Technology Symposium (TechSym), 2014 IEEE

Conference_Location

Kharagpur

Print_ISBN

978-1-4799-2607-7

Type

conf

DOI

10.1109/TechSym.2014.6807906

Filename

6807906