From University of Waterloo: For Complete Post, Click Here…
New authentication method helps protect data from privacy attacks.
Working closely with blind and low-vision (BLV) users, researchers at the University of Waterloo and the Rochester Institute of Technology have developed a new authentication method that could help BLV technology users more securely access their devices. The new method, OneButtonPIN, allows users to input PIN codes using a single large button and a series of haptic vibrations.
People with BLV frequently express frustrations with existing authentication methods such as drawing patterns, fingerprint and face scans, and PIN codes. Some methods are difficult to use effectively without visual data. Others are vulnerable to privacy attacks.
OneButtonPIN addresses these security issues by using haptic vibrations imperceptible to outsiders. When prompted to enter a PIN code, the user presses and holds a large button on their smartphone screen. This activates a series of vibrations separated by pauses; the user counts the number of vibrations corresponding to the number they desire to enter, then releases the button and repeats the process until the desired numbers are entered.
While biometrics such as fingerprints and face scans are unique and easy to use, a person’s biometrics cannot be changed or reset, explains Stacey Watson, a lecturer in computer science and one of the researchers on the study.
“More traditional forms of entry are vulnerable due to many BLV people’s use of screen reader technology,” said Watson. “PIN users are vulnerable both to eavesdropping and shoulder surfing attacks, which is where someone nearby can observe a user’s device without their knowledge.”