Friday, June 15, 2012

Spotted: how easily can someone shoulder surf your phone's gesture lock?


Assessing the vulnerability of magnetic gestural authentication to video-based shoulder surfing attacks

Alireza Sahami Shirazi, Peyman Moghadam, Hamed Ketabdar, Albrecht Schmidt

Secure user authentication on mobile phones is crucial, as they store highly sensitive information. Common approaches to authenticate a user on a mobile phone are based either on entering a PIN, a password, or drawing a pattern. However, these authentication methods are vulnerable to the shoulder surfing attack. The risk of this attack has increased since means for recording high-resolution videos are cheaply and widely accessible. If the attacker can videotape the authentication process, PINs, passwords, and patterns do not even provide the most basic level of security. In this project, we assessed the vulnerability of a magnetic gestural authentication method to the video-based shoulder surfing attack.

No comments:

Post a Comment