Smartwatches offer new capabilities to develop sophisticated applications that make daily life easier and more convenient for consumers and are becoming increasingly ubiquitous. The kind of services these devices are capable to provide include applications for mobile payment, ticketing, identification, access control, etc. While this makes modern smartwatches very powerful devices, it also makes them very attractive targets for attackers. PINs and Pattern Lock have been widely used in smartwatches for user authentication, however, those types of passwords are not robust against various forms of attacks, such as side channel, phishing, smudge, shoulder surfing, and videorecording attacks. In this work, we propose 2GesturePIN, a new authentication method that allows users to authenticate securely to their smartwatches and sensitive services through solely two gestures. It leverages the rotating bezel or the crown which are the most intuitive channels to interact with a smartwatch. 2GesturePIN enhances the resilience of the regular PIN to common attacks while maintaining a high level of usability.

2GesturePIN: Securing PIN-Based Authentication on Smartwatches

Guerar M.;Verderame L.;Migliardi M.;Merlo A.
2019-01-01

Abstract

Smartwatches offer new capabilities to develop sophisticated applications that make daily life easier and more convenient for consumers and are becoming increasingly ubiquitous. The kind of services these devices are capable to provide include applications for mobile payment, ticketing, identification, access control, etc. While this makes modern smartwatches very powerful devices, it also makes them very attractive targets for attackers. PINs and Pattern Lock have been widely used in smartwatches for user authentication, however, those types of passwords are not robust against various forms of attacks, such as side channel, phishing, smudge, shoulder surfing, and videorecording attacks. In this work, we propose 2GesturePIN, a new authentication method that allows users to authenticate securely to their smartwatches and sensitive services through solely two gestures. It leverages the rotating bezel or the crown which are the most intuitive channels to interact with a smartwatch. 2GesturePIN enhances the resilience of the regular PIN to common attacks while maintaining a high level of usability.
2019
978-1-7281-0676-2
File in questo prodotto:
File Dimensione Formato  
2GesturePIN_short3.pdf

accesso chiuso

Tipologia: Documento in Post-print
Dimensione 525.26 kB
Formato Adobe PDF
525.26 kB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11567/1000046
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 15
  • ???jsp.display-item.citation.isi??? 9
social impact