Proof of Concept of Touchless Interface on Random Keypad for ATM Shoulder Surfing Mitigation

Bibliographic Details
Authors: Ríos Villegas, Bruno Fabrizio; Torres Paredes, Carlos Martin
Format: article
Publication Date: 2023
Institution: Universidad de Lima
Repository: Revistas - Universidad de Lima
Language: Spanish
OAI Identifier: oai:revistas.ulima.edu.pe:article/6557
Resource link: https://revistas.ulima.edu.pe/index.php/Interfases/article/view/6557
Access level: open access
Subject: touchless interfaces
automated teller machines
shoulder surfing
random keypad
interfaces touchless
cajeros automáticos
teclado numérico aleatorio
Description
Summary: Financial inclusion in Peru is on the rise, with 56% of adults already having financial products. This has increased the use of ATMs and the risks associated with them, such as shoulder surfing. To mitigate the risk of this attack, a proof of concept of a touchless interface that allows users to enter their PIN securely was developed, proposing an example for use by banking institutions or ATM manufacturers. For this purpose, randomly disordered sequences of numbers from 0 to 9 were generated without repeating them. Then, infrared sensors were implemented to enter the PIN numbers. Mitigation and usability tests were performed with a group of 16 people. The first test showed encouraging results, as the attackers found it difficult to identify the digits entered by the users and only managed to register 25% correctly. Likewise, in the usability tests, a usability average of 78.4375 was obtained, placing the interface in a B+ range, above the threshold of 68 points. Considering this, it is concluded that the proposal meets the objective of allowing the user to enter his PIN securely against shoulder surfing attacks.
Important note:
The information contained in this record is the sole responsibility of the institution that manages the institutional repository where this document or data set is held. CONCYTEC is not responsible for the contents (publications and/or data) accessible through the National Digital Repository of Open Access Science, Technology and Innovation (ALICIA).