Design of a Tactile Aid for Non-Observable Mobile Authentication to Address Observation Attacks
Shoulder surfing remains a liability to the security of private data on mobile phones, even as
secondary biometric authentication becomes more commonplace. Mobile users in public or …
secondary biometric authentication becomes more commonplace. Mobile users in public or …
Towards baselines for shoulder surfing on mobile authentication
Given the nature of mobile devices and unlock procedures, unlock authentication is a prime
target for credential leaking via shoulder surfing, a form of an observation attack. While the …
target for credential leaking via shoulder surfing, a form of an observation attack. While the …
Communicating shoulder surfing attacks to users
A Saad, M Chukwu, S Schneegass - Proceedings of the 17th …, 2018 - dl.acm.org
Since mobile interaction takes place in almost every context, shoulder surfing attacks are
becoming more and more a threat to user's privacy. While several approaches exist to …
becoming more and more a threat to user's privacy. While several approaches exist to …
Understanding shoulder surfing in the wild: Stories from users and observers
Research has brought forth a variety of authentication systems to mitigate observation
attacks. However, there is little work about shoulder surfing situations in the real world. We …
attacks. However, there is little work about shoulder surfing situations in the real world. We …
Now you see me, now you don't: protecting smartphone authentication from shoulder surfers
In this paper, we present XSide, an authentication mechanism that uses the front and the
back of smartphones to enter stroke-based passwords. Users can switch sides during input …
back of smartphones to enter stroke-based passwords. Users can switch sides during input …
Baseline measurements of shoulder surfing analysis and comparability for smartphone unlock authentication
In this paper, we describe a novel approach to measure the susceptibility of smartphone
unlock authentication to shoulder surfing attacks. In our methodology, participants play the …
unlock authentication to shoulder surfing attacks. In our methodology, participants play the …
GazeTouchPIN: protecting sensitive data on mobile devices using secure multimodal authentication
Although mobile devices provide access to a plethora of sensitive data, most users still only
protect them with PINs or patterns, which are vulnerable to side-channel attacks (eg …
protect them with PINs or patterns, which are vulnerable to side-channel attacks (eg …
Shoulder Surfing on Mobile Authentication: Perception vis-a-vis Performance from the Attacker's Perspective
Shoulder-surfing studies in the context of mobile user authentication have focused on
evaluating the attackers' performance, yet have paid much less attention to their perception …
evaluating the attackers' performance, yet have paid much less attention to their perception …
See you next time: A model for modern shoulder surfers
Friends, family and colleagues at work may repeatedly observe how their peers unlock their
smartphones. These" insiders" may combine multiple partial observations to form a …
smartphones. These" insiders" may combine multiple partial observations to form a …
VibroAuth: authentication with haptics based non-visual, rearranged keypads to mitigate shoulder surfing attacks
Abstract PIN (Personal Identification Number) code entry is a widely used authentication
method used on smartphones, ATMs, etc. However, it is typically subject to shoulder surfing …
method used on smartphones, ATMs, etc. However, it is typically subject to shoulder surfing …