RoundPIN: Shoulder Surfing Resistance for PIN Entry with Randomize Keypad

The security of a PIN is largely supported by the authentication process in ATM. Most authentication methods like traditional are based on using PIN as direct entry and this technique has been shown lots of drawbacks such as vulnerability to password space, and shoulder-surfing. In this paper, a new approach is proposed called RoundPIN depends on the appearance of the numerical password through one of the buttons after selecting it by the user and it is done through a number of rounds, the numbers are arranged randomly on the keypad. Due to the variable aspect of the chosen button and the random appearance of the numbers in each connection session and also the selection process will take place through three buttons three auxiliary, the proposed approach can maintain high secure session to enter the PIN to resist shoulder surfing, which is difficult for attackers to observe a user's PIN. The performance evaluation of the proposed approach is achieved in two parts, the first one is based on security analysis. Then a pilot study of thirty users is conducted to evaluate the useability of the proposed approach. It is noticed that the proposed approach can maintain a high level of security as well as acceptable level of useability and user satisfaction compared the conventional keypad system.

Attacks on Graphical Password: A Study on Defense Mechanisms and Limitations

User authentication is mostly reliant on password-based based verification. Users generally used text-based passwords, which are user-friendly but often predictable and vulnerable to some common attacks. To overcome these shortcomings, graphical authentication methods have emerged. Here, users choose a sequence of images as passwords. Though such methods help users to better remember their passwords, they too suffer from attacks seen in the case of textual passwords. This paper presents a comprehensive summary of the vulnerabilities state of the art graphical password schemes against the following well-known attacks - Dictionary, Guessing, Brute force, Shoulder surfing, Spyware, and Social engineering. We believe the findings of this study can help researchers design more secure graphical password schemes making them more usable and a realistic replacement for text-based passwords.

Survey On Biometric Based ATMs

Nowadays Automated Teller Machines (ATMs) are widely used by people. People are dependent upon ATMs to conveniently meet their day-to-day needs. As it is an important factor there comes security. ATMs are electronic machines that are operated by customers to deposit or withdraw cash from banks. It is observed that the number of crimes related to ATMs is increased hence there is a need to provide better security to ATM machines. There are different technologies that are used to provide security to ATM machine which includes – RFID technology, fingerprint, face recognition, iris scan, OTP, reference number, random keypad, etc. In a traditional ATM system card and PIN numbers are used for authentication, where security plays a big concern, such as losing cards, stolen pin numbers, card cloning, shoulder surfing, fake keyboard, skimming, etc. In order to overcome these issues, this paper discusses various systems where ATM cards and pins are replaced by biometrics and how they made ATMs more secure.

Enhanced Secure ATM authentication using NFC Technology and Iris Verification

In today's world technology has advanced to such an extent that it is interchangeable with connection and convenience. ATM was one of the major breakthroughs, and over the time it has provided better convenience in fulfilling one’s banking needs. Although, there are certain predicaments that such ATM transactions are susceptible too. The conventional PIN based authentication that is presently accustomed in all ATM apparatus is liable to shoulder surfing, hassle in remembering the multiple PIN and the rest. The physical card brings along setbacks in particular, wearing out of the magnetic strip attributable to frequent usage, losing or getting it stolen. Aside from these there are other unlawful activities that are carried upon. The objective of this paper is to present a solution to the above stated problems. In contrast to standard architecture, the proposed solution incorporates NFC enabled smartphones as a substitute for physical card and iris based authentication for PIN.

CybIQ: Secure Authentication Method

With increased vulnerabilities and vast technology landscapes, it is extremely critical to build systems which are highly resistant to cyber-attacks, to break into systems to exploit. It is almost impossible to build 100% secure authentication & authorization mechanisms merely through standard password / PIN (With all combinations of special characters, numbers & upper/lower case alphabets and by using any of the Graphical password mechanisms). The immense computing capacity and several hacking methods used, make almost every authentication method susceptible to cyber-attacks in one or the other way. Only proven / known system which is not vulnerable in spite of highly sophisticated computing power is, human brain. In this paper, we present a new method of authentication using a combination of computer’s computing ability in combination with human intelligence. In fact this human intelligence is personalized making the overall security method more secure. Text based passwords are easy to be cracked [6]. There is an increased need for an alternate and more complex authentication and authorization methods. Some of the Methods [7] [8] in the category of Graphical passwords could be susceptible, when Shoulder surfing/cameras/spy devices are used.