The personal identification chord: A four button authentication system for smartwatches

Ian Oakley; Jun Ho Huh; Junsung Cho; Geumhwan Cho; Rasel Islam; Hyoungshick Kim

doi:10.1145/3196494.3196555

The personal identification chord: A four button authentication system for smartwatches

Ian Oakley
, Jun Ho Huh
, Junsung Cho
, Geumhwan Cho
, Rasel Islam
, Hyoungshick Kim

Department of Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

16 Scopus citations

Abstract

Smartwatches support access to a wide range of private information but little is known about the security and usability of existing smartwatch screen lock mechanisms. Prior studies suggest that smartwatch authentication via standard techniques such as 4-digit PINs is challenging and error-prone. We conducted interviews to shed light on current practices, revealing that smartwatch users consider the ten-key keypad required for PIN entry to be hard to use due to its small button sizes. To address this issue, we propose the Personal Identification Chord (PIC), an authentication system based on a four-button chorded keypad that enables users to enter ten different inputs via taps to one or two larger buttons. Two studies assessing usability and security of our technique indicate PICs lead to increases in setup and (modestly) recall time, but can be entered accurately while maintaining high recall rates and may improve guessing entropy compared to PINs.

Original language	English
Title of host publication	ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security
Publisher	Association for Computing Machinery, Inc
Pages	75-87
Number of pages	13
ISBN (Electronic)	9781450355766
DOIs	https://doi.org/10.1145/3196494.3196555
State	Published - 29 May 2018
Event	13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018 - Incheon, Korea, Republic of Duration: 4 Jun 2018 → 8 Jun 2018

Publication series

Name	ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security

Conference

Conference	13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018
Country/Territory	Korea, Republic of
City	Incheon
Period	4/06/18 → 8/06/18

Keywords

Personal identification chord (PIC)
Personal identification number (PIN)
Smartwatch screen lock
User authentication

Access to Document

10.1145/3196494.3196555

Cite this

Oakley, I., Huh, J. H., Cho, J., Cho, G., Islam, R., & Kim, H. (2018). The personal identification chord: A four button authentication system for smartwatches. In ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security (pp. 75-87). (ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security). Association for Computing Machinery, Inc. https://doi.org/10.1145/3196494.3196555

Oakley, Ian ; Huh, Jun Ho ; Cho, Junsung et al. / The personal identification chord : A four button authentication system for smartwatches. ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2018. pp. 75-87 (ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security).

@inproceedings{9151d007804647b2a157447654045144,

title = "The personal identification chord: A four button authentication system for smartwatches",

abstract = "Smartwatches support access to a wide range of private information but little is known about the security and usability of existing smartwatch screen lock mechanisms. Prior studies suggest that smartwatch authentication via standard techniques such as 4-digit PINs is challenging and error-prone. We conducted interviews to shed light on current practices, revealing that smartwatch users consider the ten-key keypad required for PIN entry to be hard to use due to its small button sizes. To address this issue, we propose the Personal Identification Chord (PIC), an authentication system based on a four-button chorded keypad that enables users to enter ten different inputs via taps to one or two larger buttons. Two studies assessing usability and security of our technique indicate PICs lead to increases in setup and (modestly) recall time, but can be entered accurately while maintaining high recall rates and may improve guessing entropy compared to PINs.",

keywords = "Personal identification chord (PIC), Personal identification number (PIN), Smartwatch screen lock, User authentication",

author = "Ian Oakley and Huh, \{Jun Ho\} and Junsung Cho and Geumhwan Cho and Rasel Islam and Hyoungshick Kim",

note = "Publisher Copyright: {\textcopyright} 2018 Association for Computing Machinery.; 13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018 ; Conference date: 04-06-2018 Through 08-06-2018",

year = "2018",

month = may,

day = "29",

doi = "10.1145/3196494.3196555",

language = "English",

series = "ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery, Inc",

pages = "75--87",

booktitle = "ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security",

}

Oakley, I, Huh, JH, Cho, J, Cho, G, Islam, R & Kim, H 2018, The personal identification chord: A four button authentication system for smartwatches. in ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security. ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security, Association for Computing Machinery, Inc, pp. 75-87, 13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018, Incheon, Korea, Republic of, 4/06/18. https://doi.org/10.1145/3196494.3196555

The personal identification chord: A four button authentication system for smartwatches. / Oakley, Ian; Huh, Jun Ho; Cho, Junsung et al.
ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2018. p. 75-87 (ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - The personal identification chord

T2 - 13th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2018

AU - Oakley, Ian

AU - Huh, Jun Ho

AU - Cho, Junsung

AU - Cho, Geumhwan

AU - Islam, Rasel

AU - Kim, Hyoungshick

PY - 2018/5/29

Y1 - 2018/5/29

N2 - Smartwatches support access to a wide range of private information but little is known about the security and usability of existing smartwatch screen lock mechanisms. Prior studies suggest that smartwatch authentication via standard techniques such as 4-digit PINs is challenging and error-prone. We conducted interviews to shed light on current practices, revealing that smartwatch users consider the ten-key keypad required for PIN entry to be hard to use due to its small button sizes. To address this issue, we propose the Personal Identification Chord (PIC), an authentication system based on a four-button chorded keypad that enables users to enter ten different inputs via taps to one or two larger buttons. Two studies assessing usability and security of our technique indicate PICs lead to increases in setup and (modestly) recall time, but can be entered accurately while maintaining high recall rates and may improve guessing entropy compared to PINs.

AB - Smartwatches support access to a wide range of private information but little is known about the security and usability of existing smartwatch screen lock mechanisms. Prior studies suggest that smartwatch authentication via standard techniques such as 4-digit PINs is challenging and error-prone. We conducted interviews to shed light on current practices, revealing that smartwatch users consider the ten-key keypad required for PIN entry to be hard to use due to its small button sizes. To address this issue, we propose the Personal Identification Chord (PIC), an authentication system based on a four-button chorded keypad that enables users to enter ten different inputs via taps to one or two larger buttons. Two studies assessing usability and security of our technique indicate PICs lead to increases in setup and (modestly) recall time, but can be entered accurately while maintaining high recall rates and may improve guessing entropy compared to PINs.

KW - Personal identification chord (PIC)

KW - Personal identification number (PIN)

KW - Smartwatch screen lock

KW - User authentication

UR - https://www.scopus.com/pages/publications/85049232360

U2 - 10.1145/3196494.3196555

DO - 10.1145/3196494.3196555

M3 - Conference contribution

AN - SCOPUS:85049232360

T3 - ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security

SP - 75

EP - 87

BT - ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security

PB - Association for Computing Machinery, Inc

Y2 - 4 June 2018 through 8 June 2018

ER -

Oakley I, Huh JH, Cho J, Cho G, Islam R, Kim H. The personal identification chord: A four button authentication system for smartwatches. In ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc. 2018. p. 75-87. (ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security). doi: 10.1145/3196494.3196555

The personal identification chord: A four button authentication system for smartwatches

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this