• JaavajiAshok
  • Santhosh V




steganopin ,bw method ,shoulder surfing


Now a daysUsers typically reuse the same personalized identification number (PIN) for multiple times. Direct PIN entries are highly dangerous for shoulder surfing attackers can effectively observe PIN entry with hidden cameras. Indirect PIN entry methods proposed as countermeasures are rarely deployed because they demand a heavier brain stuff workload for users. To achieve security and usability, we present a practical indirect PIN entry method called SteganoPIN. The humanmachine interface of SteganoPIN is two numeric keypads, one which is covered and the other open, designed mainly to block shoulder-surfing attacks. After locating a long-term PIN in the more typical layout ,through the covered permuted keypad, a user generates a one-time PIN that can safely be entered in plain view of attackers. Forty-eight participants were involved in investigating the PIN entry time and error rate of SteganoPIN. Our experimental manipulation used a within-subject factorial design with two independent variables: PIN entry system (standardPIN, SteganoPIN) and PIN type (system-chosen PIN, user-chosen PIN).The PIN entry time in SteganoPIN (5.45.7 s) was slower but acceptable, and the error rate (02.1%) was not significantly different from that of the standard PIN.


Download data is not yet available.

Author Biographies


Department of computer science Panimalar Engineering College, Chennai, TamilNadu.

Santhosh V

Department of computer science Panimalar Engineering College, Chennai, TamilNadu.


[1] T. Matsumoto and H. Imai, ?Human identification through insecure channel,? in Proc. Adv. Cryptol., 1991, pp. 409–421.

[2] V. Roth, K. Richter, and R. Freidinger, ?A PIN-entry method resilient against shoulder surfing,? in Proc. ACMComput.Commun. Security, 2004, pp. 236–245.

[3] D. Weinshall, ?Cognitive authentication schemes safe against spyware,? in Proc. IEEE Symp. Security Privacy, 2006, pp. 295–300.

[4] A. De Luca, M. Langheinrich, and H. Hussmann, ?Towards understanding ATMsecurity—A field study of realworldATMuse,? in Proc. ACMSymp. Usable Privacy Security, 2010, pp. 1–10.

[5] H. J. Asghar, S. Li, J. Pieprzyk, and H. Wang, ?Cryptoanalysis of the convex hull click human identification protocol,? in Proc. 13th Int. Conf. Inf. Security, 2010, pp. 24–30.

[6] A. De Luca, E. von Zezschwitz, and H. Hussmann, ?Vibrapass – secure authentication based on shared lies,? in Proc. ACM CHI Conf. Human Factors Comput. Syst., 2009, pp. 913–916.

[7]A. Bianchi, I. Oakley, and D. Kwon, ?Spinlock: A single-cue haptic and audio PIN input technique for authentication,? in Proc. Haptic Audio Interaction Design, 2011, pp. 81–90.

[8] T. Perkovic, A. Mumtaz, Y. Javed, S. Li, S. A. Khayam, and M. Cagalj, ?Breaking undercover: Exploiting design flaws and nonuniform human behavior,? in Proc. 7th Symp. Usable Privacy Security, 2011, pp. 1–15.

[9] A. Bianchi, I. Oakley, V. Kostakos, and D. Kwon, ?The Phone Lock: Audio and haptic shoulder-surfing resistant PIN entry methods for mobile devices,? in Proc. 5th Int. Conf. Tangible, Embedded, Embodied Interaction, 2011, pp. 197–200

[10] D. Kim, P. Dunphy, P. Briggs, J. Hook, J. W. Nicholson, J. Nicholson, and P. Olivier, ?Multi-touch authentication on tabletops,? in Proc. ACM SIGCHI Conf. Human Factors Comput. Syst., 2010, pp. 1093–1102.