2018 12th International Conference on Research Challenges in Information Science (RCIS) 2018
DOI: 10.1109/rcis.2018.8406648
|View full text |Cite
|
Sign up to set email alerts
|

Security analysis and psychological study of authentication methods with PIN codes

Abstract: Index Terms-security, authentication, pin code Abstract-Touch screens have become ubiquitous in the past few years, like for instance in smartphones and tablets. These devices are often the entry door to numerous information systems, hence having a secure and practical authentication mechanism is crucial. In this paper, we examine the complexity of different authentication methods specifically designed for such devices.We study the widely spread technology to authenticate a user using a Personal Identifier Num… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1

Citation Types

0
12
0
1

Year Published

2018
2018
2023
2023

Publication Types

Select...
4
2
1

Relationship

0
7

Authors

Journals

citations
Cited by 16 publications
(13 citation statements)
references
References 27 publications
0
12
0
1
Order By: Relevance
“…INTRODUCTION With the rapid rise in use of mobile devices, access security is becoming a global concern. As the most widely used and accepted method, password-based identity authentication [1] has many security loopholes, such as brute force cracking and smudge attacks [2]. Keystroke authentication can be a good alternative as it not only solves the insecurity of passwords but also has other advantages, such as low cost, high flexibility, and simpler hardware structure as compared to other biometric authentication methods [3][4][5], such as fingerprint and face identification.…”
Section: Imentioning
confidence: 99%
“…INTRODUCTION With the rapid rise in use of mobile devices, access security is becoming a global concern. As the most widely used and accepted method, password-based identity authentication [1] has many security loopholes, such as brute force cracking and smudge attacks [2]. Keystroke authentication can be a good alternative as it not only solves the insecurity of passwords but also has other advantages, such as low cost, high flexibility, and simpler hardware structure as compared to other biometric authentication methods [3][4][5], such as fingerprint and face identification.…”
Section: Imentioning
confidence: 99%
“…In [6], the authors developed the idea that public-key infrastructure based systems, such as strong passwords in combination with physical tokens, for example, a cell phone, would be more likely to be used and largely deployed. Nonetheless, it is worth mentioning that the most common procedure for mobile devices authentication is still a code of four or six digits [7].…”
Section: Related Workmentioning
confidence: 99%
“…Since the gradient and the Hessian matrix are computed with finite differences, the only prerequisite for Paratuck2 tensor decomposition is the factorization equation (7). Thus, the method can be transposed to other decompositions, such as CP, by merely changing the tensor decomposition equation.…”
Section: B Aphen and Approximate Derivativesmentioning
confidence: 99%
“…For user convenience, PINs are often short (up to eight digits) to allow access to only authorised users. PINs are widely used for user authentication such as withdrawing cash from mobile money or withdrawing money from an automated teller machine (ATM) [84]. Mtaho [52], Islam [85], Ombiro [86], Singh and Jasmine [87], Fan et al [88], Islam et al [89], and Zadeh and Barati [90] employed authentication schemes using PINs to verify user identity.…”
mentioning
confidence: 99%
“…The PIN should be easy to remember, random, and hard to guess, while it should be changed frequently, distinct for different accounts, and not written down or stored in plaintext [52]. However, using a PIN in mobile money authentication is susceptible to shoulder surfing attacks, brute force attacks, and smudge attacks [83,84,91]. • OTP: Elganzoury, Abdelhafez, and Hegazy [92] defined OTP as a unique and time-sensitive string of alphanumeric characters generated and forwarded to the user's mobile phone via either email or SMS for a single authentication session.…”
mentioning
confidence: 99%