Smartwatches offer new capabilities to develop sophisticated applications that make daily life easier and more convenient for consumers and are becoming increasingly ubiquitous. The kind of services these devices are capable to provide include applications for mobile payment, ticketing, identification, access control, etc. While this makes modern smartwatches very powerful devices, it also makes them very attractive targets for attackers. PINs and Pattern Lock have been widely used in smartwatches for user authentication, however, those types of passwords are not robust against various forms of attacks, such as side channel, phishing, smudge, shoulder surfing, and videorecording attacks. In this work, we propose 2GesturePIN, a new authentication method that allows users to authenticate securely to their smartwatches and sensitive services through solely two gestures. It leverages the rotating bezel or the crown which are the most intuitive channels to interact with a smartwatch. 2GesturePIN enhances the resilience of the regular PIN to common attacks while maintaining a high level of usability.
2GesturePIN: Securing PIN-Based Authentication on Smartwatches
Guerar M.;Verderame L.;Migliardi M.;Merlo A.
2019-01-01
Abstract
Smartwatches offer new capabilities to develop sophisticated applications that make daily life easier and more convenient for consumers and are becoming increasingly ubiquitous. The kind of services these devices are capable to provide include applications for mobile payment, ticketing, identification, access control, etc. While this makes modern smartwatches very powerful devices, it also makes them very attractive targets for attackers. PINs and Pattern Lock have been widely used in smartwatches for user authentication, however, those types of passwords are not robust against various forms of attacks, such as side channel, phishing, smudge, shoulder surfing, and videorecording attacks. In this work, we propose 2GesturePIN, a new authentication method that allows users to authenticate securely to their smartwatches and sensitive services through solely two gestures. It leverages the rotating bezel or the crown which are the most intuitive channels to interact with a smartwatch. 2GesturePIN enhances the resilience of the regular PIN to common attacks while maintaining a high level of usability.File | Dimensione | Formato | |
---|---|---|---|
2GesturePIN_short3.pdf
accesso chiuso
Tipologia:
Documento in Post-print
Dimensione
525.26 kB
Formato
Adobe PDF
|
525.26 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.