• Title/Summary/Keyword: Secure Virtual Keyboard

Search Result 5, Processing Time 0.016 seconds

Virtual Keyboard against Social Engineering Attacks in Smartphones (사회 공학적 공격에 대응하는 색 기반 스마트폰 가상 키보드)

  • Choi, Dongmin;Baek, Cheolheon;Chung, Ilyong
    • Journal of Korea Multimedia Society
    • /
    • v.18 no.3
    • /
    • pp.368-375
    • /
    • 2015
  • Nowaday, financial institutions provide secure mobile keyboard solutions to keep their mobile banking services safe. However, these are still vulnerable to attacks, such as shoulder surfing attack. Especially, in the case of handicapped person such as visual impairment and blindness, they are more vulnerable than ordinary person because of inconvenience of secure information input. Among them, we focused on the color blind. For the color blind, 4-color based secure keyboard method causes more inconvenience to notify exact color. Thus, we propose a secure mobile keyboard solution to provide advanced functionality for the color blind users. Our method is based on 4-color theorem to support color blind users. In addition, our scheme is robust against shoulder surfing attack. According to the evaluation result, our method offers increased security against shoulder surfing attack compare with existing methods.

Analysis of the Password Leaking in Virtual Keyboard (가상키보드 비밀번호 유출 분석)

  • Yang, Hee-dong;Lee, Man-hee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.5
    • /
    • pp.827-835
    • /
    • 2022
  • In order to use online financial services, user authentication technology is necessary. Password check through keyboard typing is the most common technique. However, since it became known that key stokes on the keyboard can be intercepted easily, many Internet banking services and easy payment services have adopted the virtual keyboard. However, contrary to the expectation that the virtual keyboard will be safe, there is a risk that key strokes on the virtual keyboard can be leaked. In this paper, we analyzed the possibility of password leaking on the virtual keyboard and presented a password leaking method using mouse event hooking and screen capture in PC operating system. In addition, we inspected the possibility of password leak attacks on several famous Korea Internet banking websites and simple payment services, and as a result, we verified that the password input method through the virtual keyboard in the PC operating system is not secure.

A Rolling Image based Virtual Keyboard Resilient to Spyware on Smartphones (스마트폰 환경에서 스파이웨어에 저항하는 동적 이미지 기반 가상 키보드 기법)

  • Na, Sarang;Kwon, Taekyoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.6
    • /
    • pp.1219-1223
    • /
    • 2013
  • Due to the fundamental features of smartphones, such as openness and mobility, a great deal of malicious software including spyware can be installed more easily. Since spyware can steal user's sensitive information and invade privacy, it is necessary to provide proper security mechanisms like secure virtual keyboards. In this paper, we propose a novel password input system to resist spyware and show how effectively it can reduce the threats.

Secure Password-based Authentication Method for Mobile Banking Services

  • Choi, Dongmin;Tak, Dongkil;Chung, Ilyong
    • Journal of Korea Multimedia Society
    • /
    • v.19 no.1
    • /
    • pp.41-50
    • /
    • 2016
  • Moblie device based financial services are vulnerable to social engineering attacks because of the display screen of mobile devices. In other words, in the case of shoulder surfing, attackers can easily look over a user's shoulder and expose his/her password. To resolve this problem, a colour-based secure keyboard solution has been proposed. However, it is inconvenient for genuine users to verify their password using this method. Furthermore, password colours can be exposed because of fixed keyboard colours. Therefore, we propose a secure mobile authentication method to provide advanced functionality and strong privacy. Our authentication method is robust to social engineering attacks, especially keylogger and shoulder surfing attacks. According to the evaluation results, our method offers increased security and improved usability compared with existing methods.

Secure Keypad with Encrypted Input Message (입력 메시지 암호화를 통한 보안 키패드의 설계와 구현)

  • Seo, Hwa-Jeong;Kim, Ho-Won
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.18 no.12
    • /
    • pp.2899-2910
    • /
    • 2014
  • In this paper, we present method that verifies the validity of inputted message rather than showing last character on virtual keyboard. This encrypts password and valid input only can receive right feedback. This is implemented on Android phone and tested. This shows higher security than former method by 68.23% and accuracy shows 100%. This secure keypad is practical and secure so this can replace current input keypad without difficulty.