Skip to Main content Skip to Navigation
Conference papers

CipherCard: A Token-Based Approach Against Camera-Based Shoulder Surfing Attacks on Common Touchscreen Devices

Abstract : We present CipherCard, a physical token that defends against shoulder-surfing attacks on user authentication on capacitive touchscreen devices. When CipherCard is placed over a touchscreen’s pin-pad, it remaps a user’s touch point on the physical token to a different location on the pin-pad. It hence translates a visible user password into a different system password received by a touchscreen, but is hidden from observers as well as the user. CipherCard enhances authentication security through Two-Factor Authentication (TFA), in that both the correct user password and a specific card are needed for successful authentication. We explore the design space of CipherCard, and describe three implemented variations each with unique capabilities. Based on user feedback, we discuss the security and usability implications of CipherCard, and describe several avenues for continued exploration.
Complete list of metadatas

Cited literature [24 references]  Display  Hide  Download

https://hal.inria.fr/hal-01599857
Contributor : Hal Ifip <>
Submitted on : Monday, October 2, 2017 - 3:41:06 PM
Last modification on : Thursday, November 23, 2017 - 3:34:02 PM

File

346942_1_En_34_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Teddy Seyed, Xing-Dong Yang, Anthony Tang, Saul Greenberg, Jiawei Gu, et al.. CipherCard: A Token-Based Approach Against Camera-Based Shoulder Surfing Attacks on Common Touchscreen Devices. 15th Human-Computer Interaction (INTERACT), Sep 2015, Bamberg, Germany. pp.436-454, ⟨10.1007/978-3-319-22668-2_34⟩. ⟨hal-01599857⟩

Share

Metrics

Record views

148

Files downloads

153