Simple Screen Locking Method Using Randomly Generated Number Grid on Image

Simple Screen Locking Method Using Randomly Generated Number Grid on Image

Hazleen Aris (Universiti Tenaga Nasional, Kajang, Malaysia), Zailani Ibrahim (Universiti Tenaga Nasional, Kajang, Malaysia) and Ariff Azman (Universiti Tenaga Nasional, Kajang, Malaysia)
Copyright: © 2018 |Pages: 30
DOI: 10.4018/IJMHCI.2018100103

Abstract

Smartphones have become part and parcel of our daily life. Due to the more and more advanced features incorporated, its role has extended beyond calls and text messages, and it has become a place where important personal information is being stored. Thus, it needs to be protected from unauthorised users, which is usually achieved by using screen locking. However, improved screen locking security often compromises other aspects, such as usability and cost. In this article, a new screen locking method (SyS) that is both simple, secure from shoulder surf and smudge attacks, and not expensive to implement is presented. It uses an image and a chosen number to create the screen locking code. Evaluation results show that the SyS screen lock method scores best in terms of usability and security compared to the other three common screen locking methods, namely personal identification number or PIN, password, and pattern. It also performs well theoretically when compared against existing screen locking methods that aim at defending against similar attacks.
Article Preview
Top

Introduction

The use of smartphones and similar mobile devices nowadays has extended beyond phone calls and text messages. As smartphones become smarter and able to run applications and perform many functions of the personal computers, people are using them widely as their personal organisers, resulting in many important and confidential information being stored in the smartphones. This has thus increased the need to protect the smartphones from unauthorised access. Realising that no device as sophisticated as a smartphone or a tablet is completely secure in situ, device manufacturers and developers are doing their best to ensure the safety of users’ information stored in their smartphones. One of the means to do this is through the provision of screen locking, which comes in a number of types including slide lock, keypad lock and pattern lock (Shin, Park, Lee, & Park, 2012). In slide lock, screen unlocking is achieved by tapping and sliding the screen in a pre-defined direction, often horizontal. Another implementation of slide lock allows sliding to be made in any direction, also known as glass lock (Shin et al., 2012). Keypad lock, on the other hand, uses a set of pre-defined and ordered personal identification numbers (PINs) or password to unlock the screen. The former is also known as digit lock. It often requires users to enter their PINs by tapping on the numbers displayed on the screen. As opposed to PINs, passwords can be alphanumeric. Finally, in pattern lock, a pre-defined pattern drawn over a grid of dots is used to unlock the screen. Pattern lock provides bigger password space size than say, a four-digit PIN.

In terms of security, slide lock is obviously not secure as it only requires the user to slide the screen to unlock the phone. The purpose of its invention is to keep the phone from accidentally turning itself on and activating its applications while it is in your pocket or purse. Keypad lock and pattern lock, while more secure, are somehow vulnerable to attacks, such as smudge attack, shoulder surf attack and camera attack. Smudge attack is caused by oily residues, that is, smudges, left on the touch screen surface. The presence of residual oils on touchscreen devices increases the likelihood of an attacker gaining unauthorised access to the device due to the smudges’ persistence that makes them difficult to be obscured or deleted, especially with the availability of equipment to collect and analyse them (Aviv, Gibson, Mossop, Blaze, & Smith, 2010). Shoulder surf attack on the other hand uses direct observation techniques, such as looking over someone’s shoulder, to obtain the unlock combination. Shoulder surfing is highly likely in crowded places where it is relatively easy to stand next to people and watch unnoticed as they unlock their devices. With the aid of binoculars and other vision-enhancing devices, longer distance shoulder surfing can also be done (Rouse, 2005) and with the help of a camera, it is also known as camera attack (Winkler et al., 2015). While shoulder surf is a risk for both touch screen and keypad-based screen locking, smudge attack is only a threat for touch screen devices.

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 13: 4 Issues (2021): Forthcoming, Available for Pre-Order
Volume 12: 4 Issues (2020): 1 Released, 3 Forthcoming
Volume 11: 4 Issues (2019)
Volume 10: 4 Issues (2018)
Volume 9: 4 Issues (2017)
Volume 8: 4 Issues (2016)
Volume 7: 4 Issues (2015)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing