Secure PIN-Entry Method Using One-Time PIN (OTP)

The regular PIN-entry method has been still the most common method of authentication for systems and networks. However, PINs are easy to be captured through various attacks, including shoulder-surfing, video-recording, and spyware. This could be attributed to the involuntary nature of entering the o...

Full description

Saved in:
Bibliographic Details
Published inIEEE access Vol. 11; p. 1
Main Authors Binbeshr, Farid, Por, Lip Yee, Mat Kiah, M.L., Zaidan, A.A., Imam, Muhammad
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 01.01.2023
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Access control
Authentication
Biometrics (access control)
observation attack
OTP
password authentication
PIN entry
Security
shoulder surfing
Spyware
spyware attack
Surfing
Usability
Visualization
Online AccessGet full text

Cover

More Information
Summary:The regular PIN-entry method has been still the most common method of authentication for systems and networks. However, PINs are easy to be captured through various attacks, including shoulder-surfing, video-recording, and spyware. This could be attributed to the involuntary nature of entering the original PIN during authentication. In this paper, we employ an indirect input method that utilizes the addition mod 10 and a mini-challenge keypad in order to produce a one-time PIN (OTP) that obscures the original PIN. The results of our user study manifest that the proposed PIN-entry method provides better security than the existing PIN-entry methods while maintaining an acceptable level of usability. Moreover, the user feedback fully support the use of the proposed PIN-entry method in critical-security situations.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2023.3243114