Browse Prior Art Database

A Method for Increasing Security of Keypad Authentication through Randomization of keys

IP.com Disclosure Number: IPCOM000246109D
Publication Date: 2016-May-08
Document File: 3 page(s) / 151K

Publishing Venue

The IP.com Prior Art Database

Abstract

A method disclosed for increasing security of keypad authentication method by showing the keys in a randomized manner every time PIN entry is needed and clearing the keys as soon as authentication is completed.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Page 01 of 3

A Method for Increasing Security of Keypad Authentication through Randomization of keys

Use of a Personal Identification Number (PIN) on a 10-key keypad as a fast and safe authentication method is ubiquitous.

Despite being widely used, the keypad has several serious flaws. First of all, a same pattern of presses is always used. This makes it easier for snooping eyes to steal the PIN because a hacker only needs to remember a starting point and a pattern being pressed. Another easy way for a hacker to steal the PIN is to use a heat-sensitive camera to take a picture of the keypad that was just pressed. The heat signature clearly indicates which buttons were pressed and relative size of the heat signature shows an order of the buttons pressed. The third flaw is that through heavy usage, the same buttons (or locations on the touch screen) are being pressed causing uneven wear on the hardware.

A method disclosed for increasing security of a keypad authentication method by showing the keys in a randomized

manner every time PIN entry is needed and clearing the keys as soon as authentication is completed.

Fig. 1 shows examples of how a 10-digit keypad might appear in accordance with the method disclosed herein. Each time a user needs to enter (or re-enter) a PIN, the keypads presented have all the keys shown in a random order.

Fig. 1

The method of randomizing displayed keys can also be extended to cover an alphabetic keypad. With an alphabetic keypad, all keys letters A-Z could be fully randomized or pseudo-randomized. Fig. 2 illustrates a fully randomized alphabetic keypad as well as a pseudo-random keypad. A pseudo-randomized keypad groups the keys by range to make

1


Page 02 of 3

it easier for a user to find keys. The pseudo-random keypad in Fig. 2 is grouped A-F, G-M, N-T, U-Z and laid out horizontally.

Fig. 2

In an embodiment, order of letters may be kept unchanged, but the direction of the keys being displayed (either vertically or horizontally, forwards or backwards) are randomly shifted as illustrated in fig. 3. There are fewer permutations of keypad layout for this scheme, but may be desirable if order...