Publication Details
Download |
Alexander De Luca, Emanuel von Zezschwitz, Heinrich Hussmann
VibraPass - Secure Authentication Based on Shared Lies In CHI '09: Proceedings of the 27th international Conference on Human Factors in Computing Systems. Boston, MA, USA, April 4 - 9, 2009. ACM, New York, NY, 913-916. DOI= http://doi.acm.org/10.1145/1518701.1518840, ISBN 978-1-60558-246-7. (bib) |
Authentication in public spaces is a risky task. Frauds on cash machines (ATMs) are not uncommon nowadays. The biggest group of attacks is observation attacks, which focus on recording the input done by the users. In this work, we present VibraPass, a system created to be resilient against observation attacks using tactile feedback provided by the users own mobile devices. In this way, secret information is shared between the terminal and the users to add an overhead of lies to the input which makes it hard for attackers to steal the real PIN or password. We present an evaluation, which shows that VibraPass has the potential to replace current au-thentication systems due to increased security combined with reasonable input speed and error rates. |