Authentication in public spaces, such as ATM PIN entry, is inherently susceptible to security attacks based on observation in person or via cameras. This paper addresses this problem with a system which allows users to enter a PIN on a standard mobile phone and then transmit it securely for authentication using modulated patterns of light shown on the screen and sensed by a cheap bespoke receiver unit. No pre-pairing is required as physical proximity guarantees security. The paper presents several hardware and software variations, evaluates the technical soundness of the system, and presents two user studies addressing usability and security against observation attacks.

Loading more stuff…

Hmm…it looks like things are taking a while to load. Try again?

Loading videos…