Christian Winkler
Jan Gugenheimer
ABSTRACT
This paper presents Glass Unlock, a novel concept using smart glasses for smartphone unlocking, which is theoretically secure against smudge attacks, shoulder-surfing, and camera attacks. By introducing an additional temporary secret like the layout of digits that is only shown on the private near-eye display, attackers cannot make sense of the observed input on the almost empty phone screen. We report a user study with three alternative input methods and compare them to current state-of-the-art systems. Our findings show that Glass Unlock only moderately increases authentication times and that users favor the input method yielding the slowest input times as it avoids focus switches between displays.
Supplemental Material
- Aviv, A. J., Gibson, K., Mossop, E., Blaze, M., and Smith, J. M. Smudge attacks on smartphone touch screens. In Proc. WOOT '10, USENIX Association (2010), 1--7. Google Scholar
Digital Library
- Bianchi, A., Oakley, I., Kostakos, V., and Kwon, D. S. The phone lock: Audio and haptic shoulder-surfing resistant pin entry methods for mobile devices. In Proc. TEI '11, ACM (2011), 197--200. Google ScholarDigital Library
- Burgbacher, U., and Hinrichs, K. An implicit author verification system for text messages based on gesture typing biometrics. In Proc. CHI '14, ACM (2014), 2951--2954. Google ScholarDigital Library
- Coventry, L., De Angeli, A., and Johnson, G. Usability and biometric verification at the atm interface. In Proc. CHI '03, ACM (2003), 153--160. Google ScholarDigital Library
- De Luca, A., Harbach, M., von Zezschwitz, E., Maurer, M.-E., Slawik, B. E., Hussmann, H., and Smith, M. Now you see me, now you don't: Protecting smartphone authentication from shoulder surfers. In Proc. CHI '14, ACM (2014), 2937--2946. Google ScholarDigital Library
- De Luca, A., von Zezschwitz, E., Nguyen, N. D. H., Maurer, M.-E., Rubegni, E., Scipioni, M. P., and Langheinrich, M. Back-of-device authentication on smartphones. In Proc. CHI '13, ACM (2013), 2389--2398. Google ScholarDigital Library
- Harbach, M., von Zezschwitz, E., Fichtner, A., De Luca, A., and Smith, M. It's a hard lock life: A field study of smartphone (un)locking behavior and risk perception. In Proc. SOUPS '14, USENIX Association (July 2014), 213--230.Google Scholar
- Khot, R. A., Kumaraguru, P., and Srinathan, K. WYSWYE: Shoulder Surfing Defense for Recognition Based Graphical Passwords. In Proc. OzCHI '12, ACM (2012), 285--294. Google ScholarDigital Library
- Kim, S.-H., Kim, J.-W., Kim, S.-Y., and Cho, H.-G. A new shoulder-surfing resistant password for mobile environments. In Proc. ICUIMC '11, ACM (2011), 27:1--27:8. Google ScholarDigital Library
Index Terms
- Glass Unlock: Enhancing Security of Smartphone Unlocking through Leveraging a Private Near-eye Display
Recommendations
Design of double-cross-based smartphone unlock mechanism
AbstractDue to the advanced features, smartphones have become an essential and widely adopted electronic device around the world, which can provide various benefits, such as online shopping, e-commerce payment, making friends via social media, email ...
Google authentication risks on iOS
Mobile! 2016: Proceedings of the 1st International Workshop on Mobile DevelopmentThe Google Identity Platform is a system that allows a user to sign in to applications and other services by using a Google account. Google Sign-In is one such method for providing one’s identity to the Google Identity Platform. Google Sign-In is ...
On the Security of Smartphone Unlock PINs
In this article, we provide the first comprehensive study of user-chosen four- and six-digit PINs (n=1705) collected on smartphones with participants being explicitly primed for device unlocking. We find that against a throttled attacker (with 10, 30, ...
Comments