note

Glass Unlock: Enhancing Security of Smartphone Unlocking through Leveraging a Private Near-eye Display

Authors:

Enrico RukzioAuthors Info & Claims

CHI '15: Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems

Pages 1407 - 1410

https://doi.org/10.1145/2702123.2702316

Published: 18 April 2015 Publication History

Get Access

Abstract

This paper presents Glass Unlock, a novel concept using smart glasses for smartphone unlocking, which is theoretically secure against smudge attacks, shoulder-surfing, and camera attacks. By introducing an additional temporary secret like the layout of digits that is only shown on the private near-eye display, attackers cannot make sense of the observed input on the almost empty phone screen. We report a user study with three alternative input methods and compare them to current state-of-the-art systems. Our findings show that Glass Unlock only moderately increases authentication times and that users favor the input method yielding the slowest input times as it avoids focus switches between displays.

Supplementary Material

suppl.mov (pn1031-file3.mp4)

Supplemental video

Download
75.38 MB

References

[1]

Aviv, A. J., Gibson, K., Mossop, E., Blaze, M., and Smith, J. M. Smudge attacks on smartphone touch screens. In Proc. WOOT '10, USENIX Association (2010), 1--7.

Digital Library

Google Scholar

[2]

Bianchi, A., Oakley, I., Kostakos, V., and Kwon, D. S. The phone lock: Audio and haptic shoulder-surfing resistant pin entry methods for mobile devices. In Proc. TEI '11, ACM (2011), 197--200.

Digital Library

Google Scholar

[3]

Burgbacher, U., and Hinrichs, K. An implicit author verification system for text messages based on gesture typing biometrics. In Proc. CHI '14, ACM (2014), 2951--2954.

Digital Library

Google Scholar

[4]

Coventry, L., De Angeli, A., and Johnson, G. Usability and biometric verification at the atm interface. In Proc. CHI '03, ACM (2003), 153--160.

Digital Library

Google Scholar

[5]

De Luca, A., Harbach, M., von Zezschwitz, E., Maurer, M.-E., Slawik, B. E., Hussmann, H., and Smith, M. Now you see me, now you don't: Protecting smartphone authentication from shoulder surfers. In Proc. CHI '14, ACM (2014), 2937--2946.

Digital Library

Google Scholar

[6]

De Luca, A., von Zezschwitz, E., Nguyen, N. D. H., Maurer, M.-E., Rubegni, E., Scipioni, M. P., and Langheinrich, M. Back-of-device authentication on smartphones. In Proc. CHI '13, ACM (2013), 2389--2398.

Digital Library

Google Scholar

[7]

Harbach, M., von Zezschwitz, E., Fichtner, A., De Luca, A., and Smith, M. It's a hard lock life: A field study of smartphone (un)locking behavior and risk perception. In Proc. SOUPS '14, USENIX Association (July 2014), 213--230.

Google Scholar

[8]

Khot, R. A., Kumaraguru, P., and Srinathan, K. WYSWYE: Shoulder Surfing Defense for Recognition Based Graphical Passwords. In Proc. OzCHI '12, ACM (2012), 285--294.

Digital Library

Google Scholar

[9]

Kim, S.-H., Kim, J.-W., Kim, S.-Y., and Cho, H.-G. A new shoulder-surfing resistant password for mobile environments. In Proc. ICUIMC '11, ACM (2011), 27:1--27:8.

Digital Library

Google Scholar

Cited By

View all

Hallal LRhinelander JVenkat R(2024)Recent Trends of Authentication Methods in Extended Reality: A SurveyApplied System Innovation10.3390/asi70300457:3(45)Online publication date: 28-May-2024
https://doi.org/10.3390/asi7030045
Saad ALiebers JSchneegass SGruenefeld U(2023)“They see me scrollin”—Lessons Learned from Investigating Shoulder Surfing Behavior and Attack Mitigation StrategiesHuman Factors in Privacy Research10.1007/978-3-031-28643-8_10(199-218)Online publication date: 10-Mar-2023
https://doi.org/10.1007/978-3-031-28643-8_10
Mathis FO'Hagan JVaniea KKhamis MBottoni PPanizzi E(2022)Stay Home! Conducting Remote Usability Evaluations of Novel Real-World Authentication Systems Using Virtual RealityProceedings of the 2022 International Conference on Advanced Visual Interfaces10.1145/3531073.3531087(1-9)Online publication date: 6-Jun-2022
https://dl.acm.org/doi/10.1145/3531073.3531087
Show More Cited By

Index Terms

Glass Unlock: Enhancing Security of Smartphone Unlocking through Leveraging a Private Near-eye Display
1. Human-centered computing

Recommendations

Design of double-cross-based smartphone unlock mechanism
Abstract
Due to the advanced features, smartphones have become an essential and widely adopted electronic device around the world, which can provide various benefits, such as online shopping, e-commerce payment, making friends via social media, email ...
Google authentication risks on iOS
Mobile! 2016: Proceedings of the 1st International Workshop on Mobile Development

The Google Identity Platform is a system that allows a user to sign in to applications and other services by using a Google account. Google Sign-In is one such method for providing one’s identity to the Google Identity Platform. Google Sign-In is ...
On the Security of Smartphone Unlock PINs

In this article, we provide the first comprehensive study of user-chosen four- and six-digit PINs (n=1705) collected on smartphones with participants being explicitly primed for device unlocking. We find that against a throttled attacker (with 10, 30, ...

Comments

Information & Contributors

Information

Published In

CHI '15: Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems

April 2015

4290 pages

ISBN:9781450331456

DOI:10.1145/2702123

General Chairs:
Bo Begole
Huawei, USA
,
Jinwoo Kim
Yonsei University, Korea
,
Program Chairs:
Kori Inkpen
Microsoft Research, USA
,
Woontack Woo
KAIST, Korea

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 April 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Note

Funding Sources

German Research Foundation (DFG)
German Research Foundation (DFG) -- Emmy Noether

Conference

CHI '15

Sponsor:

SIGCHI

CHI '15: CHI Conference on Human Factors in Computing Systems

April 18 - 23, 2015

Seoul, Republic of Korea

Acceptance Rates

CHI '15 Paper Acceptance Rate 486 of 2,120 submissions, 23%;

Overall Acceptance Rate 6,199 of 26,314 submissions, 24%

Upcoming Conference

CHI 2025

Sponsor:
sigchi

ACM CHI Conference on Human Factors in Computing Systems

April 26 - May 1, 2025

Yokohama , Japan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

32
Total Citations
View Citations
629
Total Downloads

Downloads (Last 12 months)30
Downloads (Last 6 weeks)0

Reflects downloads up to 08 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hallal LRhinelander JVenkat R(2024)Recent Trends of Authentication Methods in Extended Reality: A SurveyApplied System Innovation10.3390/asi70300457:3(45)Online publication date: 28-May-2024
https://doi.org/10.3390/asi7030045
Saad ALiebers JSchneegass SGruenefeld U(2023)“They see me scrollin”—Lessons Learned from Investigating Shoulder Surfing Behavior and Attack Mitigation StrategiesHuman Factors in Privacy Research10.1007/978-3-031-28643-8_10(199-218)Online publication date: 10-Mar-2023
https://doi.org/10.1007/978-3-031-28643-8_10
Mathis FO'Hagan JVaniea KKhamis MBottoni PPanizzi E(2022)Stay Home! Conducting Remote Usability Evaluations of Novel Real-World Authentication Systems Using Virtual RealityProceedings of the 2022 International Conference on Advanced Visual Interfaces10.1145/3531073.3531087(1-9)Online publication date: 6-Jun-2022
https://dl.acm.org/doi/10.1145/3531073.3531087
Watson KBretin RKhamis MMathis F(2022)The Feet in Human-Centred Security: Investigating Foot-Based User Authentication for Public DisplaysExtended Abstracts of the 2022 CHI Conference on Human Factors in Computing Systems10.1145/3491101.3519838(1-9)Online publication date: 27-Apr-2022
https://dl.acm.org/doi/10.1145/3491101.3519838
Andriotis PKirby MTakasu A(2022)Bu-Dash: a universal and dynamic graphical password scheme (extended version)International Journal of Information Security10.1007/s10207-022-00642-222:2(381-401)Online publication date: 4-Dec-2022
https://doi.org/10.1007/s10207-022-00642-2
Aris HIbrahim ZAzman A(2021)Simple Screen Locking Method Using Randomly Generated Number Grid on ImageResearch Anthology on Securing Mobile Technologies and Applications10.4018/978-1-7998-8545-0.ch012(223-246)Online publication date: 2021
https://doi.org/10.4018/978-1-7998-8545-0.ch012
Mathis FWilliamson JVaniea KKhamis M(2021)Fast and Secure Authentication in Virtual Reality Using Coordinated 3D Manipulation and PointingACM Transactions on Computer-Human Interaction10.1145/342812128:1(1-44)Online publication date: 20-Jan-2021
https://dl.acm.org/doi/10.1145/3428121
Mathis FVaniea KKhamis MKitamura YQuigley AIsbister KIgarashi TBjørn PDrucker S(2021)RepliCueAuth: Validating the Use of a Lab-Based Virtual Reality Setup for Evaluating Authentication SystemsProceedings of the 2021 CHI Conference on Human Factors in Computing Systems10.1145/3411764.3445478(1-18)Online publication date: 6-May-2021
https://dl.acm.org/doi/10.1145/3411764.3445478
Mathis FVaniea KKhamis M(2021)Prototyping Usable Privacy and Security Systems: Insights from ExpertsInternational Journal of Human–Computer Interaction10.1080/10447318.2021.194913438:5(468-490)Online publication date: 5-Aug-2021
https://doi.org/10.1080/10447318.2021.1949134
Strömbäck DHuang SRadu V(2020)MM-FitProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/34327014:4(1-22)Online publication date: 18-Dec-2020
https://dl.acm.org/doi/10.1145/3432701
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

Supplementary Material

References

Cited By

Index Terms

Recommendations

Design of double-cross-based smartphone unlock mechanism

Google authentication risks on iOS

On the Security of Smartphone Unlock PINs

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations