Smartwatches offer new capabilities to develop sophisticated applications that make daily life easier and more convenient for consumers and are becoming increasingly ubiquitous. The kind of services these devices are capable to provide include applications for mobile payment, ticketing, identification, access control, etc. While this makes modern smartwatches very powerful devices, it also makes them very attractive targets for attackers. PINs and Pattern Lock have been widely used in smartwatches for user authentication, however, those types of passwords are not robust against various forms of attacks, such as side channel, phishing, smudge, shoulder surfing, and videorecording attacks. In this work, we propose 2GesturePIN, a new authentication method that allows users to authenticate securely to their smartwatches and sensitive services through solely two gestures. It leverages the rotating bezel or the crown which are the most intuitive channels to interact with a smartwatch. 2GesturePIN enhances the resilience of the regular PIN to common attacks while maintaining a high level of usability.
2GesturePIN: Securing PIN-based Authentication on Smartwatches
M. GuerarMembro del Collaboration Group
;M. MigliardiMembro del Collaboration Group
;
2019
Abstract
Smartwatches offer new capabilities to develop sophisticated applications that make daily life easier and more convenient for consumers and are becoming increasingly ubiquitous. The kind of services these devices are capable to provide include applications for mobile payment, ticketing, identification, access control, etc. While this makes modern smartwatches very powerful devices, it also makes them very attractive targets for attackers. PINs and Pattern Lock have been widely used in smartwatches for user authentication, however, those types of passwords are not robust against various forms of attacks, such as side channel, phishing, smudge, shoulder surfing, and videorecording attacks. In this work, we propose 2GesturePIN, a new authentication method that allows users to authenticate securely to their smartwatches and sensitive services through solely two gestures. It leverages the rotating bezel or the crown which are the most intuitive channels to interact with a smartwatch. 2GesturePIN enhances the resilience of the regular PIN to common attacks while maintaining a high level of usability.
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
