WO2016125083A1 - Method and system for secure pin entry on computing devices - Google Patents

Method and system for secure pin entry on computing devices Download PDF

Info

Publication number
WO2016125083A1
WO2016125083A1 PCT/IB2016/050535 IB2016050535W WO2016125083A1 WO 2016125083 A1 WO2016125083 A1 WO 2016125083A1 IB 2016050535 W IB2016050535 W IB 2016050535W WO 2016125083 A1 WO2016125083 A1 WO 2016125083A1
Authority
WO
WIPO (PCT)
Prior art keywords
cell
pin
computing device
server
digits
Prior art date
Application number
PCT/IB2016/050535
Other languages
French (fr)
Inventor
Ramachandra Babu HANUMANTHAPPA
Ashok SARMA
Avinash SURESH HALAGERI
Girish KENCHE GOWDA
Original Assignee
Spiritus Payments Private Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Spiritus Payments Private Limited filed Critical Spiritus Payments Private Limited
Publication of WO2016125083A1 publication Critical patent/WO2016125083A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/011Arrangements for interaction with the human body, e.g. for user immersion in virtual reality
    • G06F3/013Eye tracking input arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/017Gesture based interaction, e.g. based on a set of recognized hand gestures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0484Interaction techniques based on graphical user interfaces [GUI] for the control of specific functions or operations, e.g. selecting or manipulating an object, an image or a displayed text element, setting a parameter value or selecting a range
    • G06F3/04842Selection of displayed objects or displayed text elements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0487Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser
    • G06F3/0488Interaction techniques based on graphical user interfaces [GUI] using specific features provided by the input device, e.g. functions controlled by the rotation of a mouse with dual sensing arrangements, or of the nature of the input device, e.g. tap gestures based on pressure sensed by a digitiser using a touch-screen or digitiser, e.g. input of commands through traced gestures

Definitions

  • TECHNICAL FIELD The present subject matter is related, in general to secure entry of credentials such as personal identification numbers (PINs), and more particularly, but not exclusively to a method and a server for secure PIN entry on computing devices.
  • PINs personal identification numbers
  • Portable personal computing devices such as smart phones, Personal Digital Assistants (PDAs), portable computers, tablet computers and audio devices such as digital music players have become ubiquitous in recent years. This opens up the possibility of many different mobile applications such as mobile banking, mobile payment, mobile commerce, and person-to-person money transfer, among others.
  • PIN Personal Identification Number
  • PIN personal identification number
  • the pattern lock is very popular because of its interesting and fun way to unlock the mobile unlike a password entry mechanism.
  • This pattern lock is vulnerable because of following reasons. Firstly, if anyone sees the pattern while unlocking by the user, they can easily remember and can hack the pattern. This is because the dots are connected via line and the connected dots are adjacent to each other. Secondly, if the screen of the mobile phone is closely observed immediately after it is unlocked, finger swipe marks can be seen on the screen which in turn leads to hacking the pattern. Gesture unlock patterns set up by an authorized user can be discovered by viewing the finger smudge path on the glass. This smudge path is particularly visible when the screen is dark and the unlock gesture is traced out many times in a more intentional fashion where the user exerts more finger pressure.
  • the method comprises receiving, by a server, a request for a matrix for entering PIN from the computing device.
  • the method further comprises generating a matrix along with at least one of a random sequence identifier for each row and column of the matrix and cell alphabet indices.
  • a cell of the matrix with coinciding row and column random sequence identifier is colored with a unique color.
  • the method further comprises providing the matrix along with a predefined sequence and at least one of cell alphabet indices and the random sequence identifier of each row. The matrix and the random sequence identifier of each row is displayed on a display of the computing device.
  • the method further comprises receiving at least one of Red Green Blue (RGB) value of a selected colored cell and the cell alphabet indices of the selected colored cell in the predefined sequence.
  • the method further comprises determining the PIN based on the predefined sequence and at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell.
  • a server for determining a user PIN using a computing device comprises a processor and a memory communicatively coupled to the processor.
  • the memory stores processor-executable instructions which on execution, causes the processor to receive a request for a matrix for entering PIN from the computing device.
  • the processor generates a matrix along with at least one of a random sequence identifier for each row and column of the matrix and cell alphabet indices, wherein a cell of the matrix with coinciding row and column random sequence identifier is colored with a unique color. Further, the processor provides the matrix along with a predefined sequence and at least one of cell alphabet indices and the random sequence identifier of each row, wherein the matrix and the random sequence identifier of each row is displayed on a display of the computing device. Then, the processor receives at least one of Red Green Blue (RGB) value of a selected colored cell and the cell alphabet indices of the selected colored cell in the predefined sequence. Further, the processor determines the PIN based on the predefined sequence and at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell.
  • RGB Red Green Blue
  • the method comprises providing, by a server, a plurality of digits for displaying on a display of the computing device along with a predefined sequence for encrypting a PIN.
  • the method comprises receiving selection of one or more digits of the plurality of digits defining the PIN from the computing device.
  • the selection of one or more digits is determined through an image capturing unit associated to the computing device by tracking eye geometry of the user and the one or more digits are encrypted using the predefined sequence.
  • the method comprises decrypting the one or more encrypted digits using the predefined sequence to detect the PIN.
  • a server for providing non-touch based detection of the PIN using a computing device comprises a processor and a memory communicatively coupled to the processor.
  • the memory stores processor-executable instructions which on execution, causes the processor to provide a plurality of digits for displaying on a display of the computing device along with a predefined sequence for encrypting a PIN.
  • the processor receives selection of one or more digits of the plurality of digits defining the PIN from the computing device.
  • the selection of one or more digits is determined through an image capturing unit associated to the computing device by tracking eye geometry of the user, and wherein the one or more digits are encrypted using the predefined sequence.
  • the processor decrypts the one or more encrypted digits using the predefined sequence to detect the entered PIN.
  • Fig. 1 illustrates a block diagram of exemplary network architecture for determining user PIN in accordance with some embodiments of the present disclosure
  • Fig. 2 illustrates a block diagram of computing device for determining user PIN in accordance with some embodiments of the present disclosure
  • Fig. 3A and 3B illustrates exemplary embodiments of user interface of computing device to determine user PIN in accordance with some embodiments of the present disclosure
  • Fig. 4 shows a flowchart illustrating a method for determining user PIN in accordance with some embodiments of the present disclosure
  • Fig. 5 illustrates a block diagram of computing device for providing non-touch based detection of PIN in accordance with some embodiments of the present disclosure
  • Figs. 6A and 6B illustrate exemplary embodiments of user interface of computing device for providing non-touch based detection of PIN in accordance with some embodiments of the present disclosure
  • Fig. 7 shows a flowchart illustrating a method for providing non-touch based detection of PIN in accordance with some embodiments of the present disclosure.
  • Fig. 8 shows a flowchart illustrating a method for determining selection of digits of PIN in accordance with some embodiments of the present disclosure
  • Fig. 9 illustrates a block diagram of an exemplary computer system for implementing embodiments consistent with the present disclosure.
  • Embodiments of the present disclosure are related to a method and a system for determining user PIN using a computing device.
  • the user does not enter original PIN on the display screen of the computing device.
  • the application on the computing device comprises a matrix structure with random number sequences along the row and column of the matrix.
  • the matrix cell corresponding to the intersection of the digits in respective row and column is colored in different colors.
  • the user selects one or more colors corresponding to the user PIN.
  • the selected colors are sent to the server for determining PIN of the user.
  • the selected colors are transmitted in a different order to the server for providing additional security.
  • the server upon receiving the information on the selected colors, deciphers and determines the user ⁇ .
  • the present disclosure provides a non-touch based detection of PIN using a computing device.
  • the user gazes at a location on display screen of computing device indicating a digit corresponding to user PIN on the screen. Then, the user closes eye lid to confirm the gaze.
  • An image capturing unit records the geometry of the location and transmits the information to the server which would in turn detect which digit displayed on the screen was selected. Also, the server would send a mask to the computing device which masks the actual PIN and send the mask back to the server.
  • Fig. 1 illustrates a block diagram of exemplary network architecture for determining user PIN in accordance with some embodiments of the present disclosure.
  • the network architecture comprises one or more computing devices 102A, 102B,..., 102N (collectively referred to as 102) connected to a server 106 through a network 104.
  • the computing device 102 is configured to authenticate the user of the computing device. The authentication may be for any purpose, including but not limiting to, accessing the computing device, accessing particular applications of the computing device, authenticating user for performing a transaction etc.
  • the computing device 102 receives a masked PIN entered by a user and transmits the masked PIN to the server for determining the actual PIN. Examples of the server 102 include, but are not limited to, a laptop computer, a desktop computer, a notebook, a workstation, a mainframe computer, a server, a network server, and the like.
  • the computing device 102 may include at least one central processing unit (“CPU” or “processor”) 108 and a memory 110 storing instructions executable by the at least one processor 108.
  • the processor 108 may comprise at least one data processor for executing program components for executing user- or system-generated requests.
  • a user may include a person, a person using a device such as those included in this disclosure, or such a device itself.
  • the memory 110 is communicatively coupled to the processor 108.
  • the computing device 102 further comprises an I/O interface 112 and a display 114.
  • the I/O interface 112 is coupled with the processor 108 through which the user input is received.
  • the display 114 is used to display a user interface for input relating to user PIN.
  • An exemplary embodiment of user interface is illustrated in Fig. 3A.
  • the user interface comprises a grid structure comprising grid cells.
  • the grid is a 10-by-lO matrix.
  • a random digit sequence is displayed along one of the row 302 and column 304 of grid cells of the matrix to serve as a guide.
  • the row random digit sequence is displayed.
  • the grid cell corresponding to intersection of the digits in respective row and column is colored with a predefined color.
  • the grid cell that corresponds to intersection of digit 4 in row and column of the grid is colored in 'black'.
  • a random digit sequence and random alphabet sequence is displayed along one of the rows 302, 306 and columns 304, 308 of grid cells of the matrix to serve as a guide.
  • the grid cell corresponding to intersection of the digits in respective row and column is colored with a predefined color.
  • the grid cell that corresponds to intersection of digit 4 in row and column of the grid is colored in 'black'. Note that while a 10-by-lO grid is used to illustrate various embodiments, other grid sizes may also be incorporated. Also, the grid cells may be of any shape like square, circle, oval etc. without departing from the scope of the present disclosure.
  • the display 114 is also configured to act as user interface, thereby receiving input from the user.
  • the input from the user can be any input that results from contact or contactless gesture with the user interface.
  • Contact input can either be made directly, such as touching a user interface with a finger, or indirectly by using an implement, such as a stylus, to act as an intermediary.
  • Contactless input can be air gesture like swiping, pointing in the air in front of the user interface.
  • a non- exhaustive list of user interfaces capable of detecting tactile input includes: touch screens, knobs, dials, buttons, switches, joy sticks, and levers, for example.
  • the computing device 102 may include, but are not limited to, smart phones, tablets, Global Positioning System (GPS) receivers, Television (TV) remote controls, personal digital assistants (PDAs), audio- and video-file players (e.g., MP3 players and iPODs), digital cameras, ATM Machines, and e-book readers (e.g., Kindles and Nooks).
  • a computing device can be any device that comprises at least one user interface, is capable of receiving input from the user, and provide access to the user based on the input.
  • Fig. 4 shows a flowchart illustrating a method for determining user PIN using the computing device 102 in accordance with some embodiments of the present disclosure.
  • the method comprises one or more blocks for determining user PIN using the computing device 102.
  • the method may be described in the general context of computer executable instructions.
  • computer executable instructions can include routines, programs, objects, components, data structures, procedures, modules, and functions, which perform particular functions or implement particular abstract data types.
  • the method is initiated when a user performs any function on the computing device 102 and an authentication is required to perform the function.
  • a request for a matrix for entering PIN from the computing device 102 receives a request for a matrix for entering PIN from the computing device 102.
  • a request for providing a matrix is sent from the computing device 102 to the server 104.
  • the matrix is used by the user to enter PIN for authenticating the user.
  • the request from the computing device 102 comprises an identification of the computing device 102. As an example, if the computing device 102 is a mobile phone, a mobile number of the mobile phone is transmitted along with the request.
  • a cell of the matrix with coinciding row and column random sequence identifier is colored with a unique color.
  • An exemplary representation of the matrix is illustrated in Fig. 3A.
  • the server 104 transmits only the matrix without the random sequence identifier.
  • the computing device 102 transmits a request for the random sequence number of row of the matrix.
  • the server 104 then transmits the row random sequence number to the computing device 102.
  • the server 104 additionally transmits a predefined sequence in which the user PIN has to be sent back to the server 104. For example, if the PIN is a 4 digit PIN, the server may require the PIN to be sent in an order. For example, the order may be third digit followed by first digit followed by fourth digit followed by second digit. This step provides further security in a way that the correct PIN may not be decrypted while being transmitted through network.
  • the matrix and the random sequence identifier of each row are displayed on a display 114 of the computing device 102.
  • the user of the computing device 102 enters the PIN on the display 114 of the computing device 102.
  • the PIN is 7084
  • the user looks for the row in which digit 7 is placed.
  • digit 7 is displayed in row 8.
  • the user selects the grid cell which is colored "purple” in the matrix.
  • Next digit is 0, hence the user looks for the row 4 and selects the grid cell colored "orange”.
  • the user selects "blue" and "black” grid cells for digits 8 and 4 respectively.
  • the user can touch/ gesture over a colored grid cell to select the grid cell and thereby enter the PIN.
  • At block 440 receive at least one of Red Green Blue (RGB) value of a selected colored cell and the cell alphabet indices of the selected colored cell in the predefined sequence.
  • the color equivalent of the PIN 7084 is purple, orange, blue and black.
  • the RGB information of each of these colors is sent to the server 104. Based on the predefined sequence, which could be 3214, the sequence in which the RGB information is sent is changed as blue, orange, purple and black.
  • the server 104 rearranges the colors based on the sequencer information. For example, the server 104 receives colors in the order blue, orange, purple and black, and rearranges the color in the order of purple, orange, blue and black. Once the colors are rearranged, the RGB information is mapped onto the grid matrix that was sent to the computing device 102. The PIN is deciphered from the matrix and used for further processing in the server 104.
  • a request for a matrix for entering PIN from the computing device 102.
  • a request for providing a matrix is sent from the computing device 102 to the server 104.
  • the matrix is used by the user to enter PIN for authenticating the user.
  • the request from the computing device 102 comprises an identification of the computing device 102. As an example, if the computing device 102 is a mobile phone, a mobile number of the mobile phone is transmitted along with the request.
  • a cell of the matrix with coinciding row and column random sequence identifier is colored with a unique color.
  • An exemplary representation of the matrix is illustrated in Fig. 3B.
  • the server 104 transmits only the matrix without the random sequence identifier.
  • the computing device 102 transmits a request for the random sequence number of row of the matrix.
  • the server 104 transmits the row random sequence number 302, 304 and alphabets 306, 308 corresponding to the row and column of the matrix to the computing device 102.
  • the server 104 additionally transmits a predefined sequence in which the user PIN has to be sent back to the server 104. Now, the matrix and the random sequence identifier of each row are displayed on a display 114 of the computing device 102.
  • the user of the computing device 102 enters the PIN on the display 114 of the computing device 102.
  • the PIN is 7084
  • the user looks for the row in which digit 7 is placed.
  • digit 7 is displayed in row 8. So, the user selects the grid cell which is colored "purple" in the matrix.
  • the mobile application denotes the selected grid cell as [Z,E].
  • Next digit is 0, hence the user looks for the row 4 and selects the grid cell colored "orange”.
  • the computing device 102 denotes this grid cell as [J,P].
  • the user selects "blue” and “black” grid cells for digits 8 and 4 respectively.
  • These grid cells are denoted as [Q,B] and [M,Q] respectively in the mobile application.
  • the user can touch/ gesture over a colored grid cell to select the grid cell and thereby enter the PIN.
  • At block 440 receive at least one of Red Green Blue (RGB) value of a selected colored cell and the cell alphabet indices of the selected colored cell in the predefined sequence.
  • the cell alphabet indices of the user PIN is denoted by [Z,E][J,P][Q,B][M,Q]. Now assuming that the predefined sequence sent by the server 104 is 3412, the cell indices is sent as [Q,B][M,Q][Z,E][J,P] to the server 104.
  • the server 104 rearranges the colors based on the sequencer information. Once the cell alphabet indices are rearranged, the cell alphabet indices information is mapped onto the grid matrix that was sent to the computing device 102. The PIN is deciphered from the matrix and used for further processing in the server.
  • Fig. 5 illustrates a block diagram of computing device for providing non-touch based detection of PIN in accordance with second embodiment of the present disclosure.
  • eye gesture of the user is used to determine the PIN entered by the user.
  • the network architecture is similar to the architecture described in Fig. 1.
  • the architecture comprises a computing device 502 connected to a server 104 through a communication network 106.
  • the computing device 502 used for implementing the second embodiment in described in Fig. 5.
  • the computing device comprises the processor 108, the memory 110, the interface 112, and the display 114 similar to the computing device 102.
  • the computing device 502 comprises an image capturing unit 116.
  • the image capturing unit 504 is configured to capture eye gesture of the user for determining PIN entered by eye gesture.
  • Fig. 7 shows a flowchart illustrating a method for providing non-touch based detection of PIN in accordance with some embodiments of the present disclosure.
  • the method comprises one or more blocks for providing non- touch based detection of PIN.
  • the method may be described in the general context of computer executable instructions.
  • computer executable instructions can include routines, programs, objects, components, data structures, procedures, modules, and functions, which perform particular functions or implement particular abstract data types.
  • the order in which the method is described is not intended to be construed as a limitation, and any number of the described method blocks can be combined in any order to implement the method. Additionally, individual blocks may be deleted from the methods without departing from the spirit and scope of the subject matter described herein.
  • the method can be implemented in any suitable hardware, software, firmware, or combination thereof.
  • the method is initiated when a user performs any function on the computing device 102 and an authentication is required to perform the function.
  • an exemplary computing device 502 with plurality of digits displayed on the display 114 is illustrated in Fig. 6 A. It is apparent to a person skilled in the art that the digits may be placed in any random fashion in the display 114 of the computing device 502.
  • the server 104 provides a screen layout of randomly placed digits 0-9.
  • the selection of one or more digits is determined through an image capturing unit 504 associated to the computing device 502 by tracking eye geometry of the user.
  • An exemplary illustration of image capturing unit 504 capturing the eye gesture of the user is illustrated in Fig. 6B.
  • the method of determining selection of digits of PIN is described in Fig. 8.
  • the user of the computing device 502 gazes at digits displayed on the display 114 of the computing device 502.
  • the image capturing unit 504 captures the gaze of the eye on the particular digit. Then, after a few seconds, the user blinks the eyes indicating the recognition of that particular digit in the PIN on the display 114.
  • the image captured by the image capturing unit 504 is transmitted to the processor 108 of the computing device 502. Based on the information from the image capturing unit 504, the computing device 502 calculates the angle subtended between the image capturing unit 504, the eye and selected digit.
  • the computing device 502 determines the digit of the PIN selected by the user.
  • one or more angles may be mapped to a certain pixel location on the display 114. The pixel location may be in turn mapped to a corresponding digit.
  • the other digits of the PIN are determined using the same process defined above. Then, the digits of the PIN are encrypted using the predefined sequence provided by the server 104.
  • decrypt the one or more encrypted digits using the predefined sequence to detect the entered PIN decrypt the one or more encrypted digits using the predefined sequence to detect the entered PIN.
  • the processing of the PIN is performed in the same way which is explained hereinabove,
  • FIG. 9 illustrates a block diagram of an exemplary computer system 900 for implementing embodiments consistent with the present disclosure.
  • the computer system 900 is used to implement the computing device 100.
  • the computer system 900 monitors the health condition of a subject.
  • the computer system 900 may comprise a central processing unit ("CPU” or "processor") 902.
  • the processor 902 may comprise at least one data processor for executing program components for executing user- or system-generated business processes.
  • a user may include a person, a person using a device such as those included in this disclosure, or such a device itself.
  • the processor 902 may include specialized processing units such as integrated system (bus) controllers, memory management control units, floating point units, graphics processing units, digital signal processing units, etc.
  • bus integrated system
  • the processor 902 may be disposed in communication with one or more input/output (I/O) devices (911 and 912) via I/O interface 901.
  • the I/O interface 901 may employ communication protocols/methods such as, without limitation, audio, analog, digital, monoaural, RCA, stereo, IEEE- 1394, serial bus, universal serial bus (USB), infrared, PS/2, BNC, coaxial, component, composite, digital visual interface (DVT), high-definition multimedia interface (HDMI), RF antennas, S-Video, VGA, IEEE 802.n /b/g/n/x, Bluetooth, cellular (e.g., code- division multiple access (CDMA), high-speed packet access (HSPA+), global system for mobile communications (GSM), long-term evolution (LTE), WiMax, or the like), etc.
  • CDMA code- division multiple access
  • HSPA+ high-speed packet access
  • GSM global system for mobile communications
  • LTE long-term evolution
  • WiMax wireless wide area network
  • the computer system 900 may communicate with one or more I/O devices (911 and 912).
  • the input device 911 may be an antenna, keyboard, mouse, joystick, (infrared) remote control, camera, card reader, fax machine, dongle, biometric reader, microphone, touch screen, touchpad, trackball, stylus, scanner, storage device, transceiver, video device/source, etc.
  • the output device 912 may be a printer, fax machine, video display (e.g., cathode ray tube (CRT), liquid crystal display (LCD), light-emitting diode (LED), plasma, Plasma display panel (PDP), Organic light-emitting diode display (OLED) or the like), audio speaker, etc.
  • CTR cathode ray tube
  • LCD liquid crystal display
  • LED light-emitting diode
  • PDP Plasma display panel
  • OLED Organic light-emitting diode display
  • the processor 902 may be disposed in communication with a communication network 909 via a network interface 903.
  • the network interface 903 may communicate with the communication network 909.
  • the network interface 903 may employ connection protocols including, without limitation, direct connect, Ethernet (e.g., twisted pair 10/100/1000 Base T), transmission control protocol/internet protocol (TCP/IP), token ring, IEEE 802.11a/b/g/n/x, etc.
  • the communication network 909 may include, without limitation, a direct interconnection, local area network (LAN), wide area network (WAN), wireless network (e.g., using Wireless Application Protocol), the Internet, etc.
  • the computer system 900 may communicate with server 910.
  • the processor 902 may be disposed in communication with a memory 905 (e.g., RAM, ROM, etc. not shown in figure 9) via a storage interface 904.
  • the storage interface 904 may connect to memory 905 including, without limitation, memory drives, removable disc drives, etc., employing connection protocols such as serial advanced technology attachment (SAT A), Integrated Drive Electronics (IDE), IEEE- 1394, Universal Serial Bus (USB), fiber channel, Small Computer Systems Interface (SCSI), etc.
  • the memory drives may further include a drum, magnetic disc drive, magneto-optical drive, optical drive, Redundant Array of Independent Discs (RAID), solid-state memory devices, solid-state drives, etc.
  • the memory 905 may store a collection of program or database components, including, without limitation, user interface application 906, an operating system 907, web server 908 etc.
  • computer system 900 may store user/application data 906, such as the data, variables, records, etc. as described in this disclosure.
  • databases may be implemented as fault- tolerant, relational, scalable, secure databases such as Oracle or Sybase.
  • the operating system 907 may facilitate resource management and operation of the computer system 900.
  • Examples of operating systems include, without limitation, Apple Macintosh OS X, Unix, Unix-like system distributions (e.g., Berkeley Software Distribution (BSD), FreeBSD, NetBSD, OpenBSD, etc.), Linux distributions (e.g., Red Hat, Ubuntu, Kubuntu, etc.), IBM OS/2, Microsoft Windows (XP, Vista/7/8, etc.), Apple lOS, Google Android, Blackberry OS, or the like.
  • User interface 917 may facilitate display, execution, interaction, manipulation, or operation of program components through textual or graphical facilities.
  • GUIs may provide computer interaction interface elements on a display system operatively connected to the computer system 900, such as cursors, icons, check boxes, menus, scrollers, windows, widgets, etc.
  • Graphical user interfaces may be employed, including, without limitation, Apple Macintosh operating systems' Aqua, IBM OS/2, Microsoft Windows (e.g., Aero, Metro, etc.), Unix X-Windows, web interface libraries (e.g., ActiveX, Java, Javascript, AJAX, HTML, Adobe Flash, etc.), or the like.
  • the computer system 900 may implement a web browser 908 stored program component.
  • the web browser may be a hypertext viewing application, such as Microsoft Internet Explorer, Google Chrome, Mozilla Firefox, Apple Safari, etc. Secure web browsing may be provided using HTTPS (secure hypertext transport protocol), secure sockets layer (SSL), Transport Layer Security (TLS), etc. Web browsers may utilize facilities such as AJAX, DHTML, Adobe Flash, JavaScript, Java, application programming interfaces (APIs), etc.
  • the computer system 900 may implement a mail server 919 stored program component.
  • the mail server may be an Internet mail server such as Microsoft Exchange, or the like.
  • the mail server may utilize facilities such as ASP, ActiveX, ANSI C++/C#, Microsoft .NET, CGI scripts, Java, JavaScript, PERL, PHP, Python, WebObjects, etc.
  • the mail server may utilize communication protocols such as Internet Message Access Protocol (IMAP), Messaging Application Programming Interface (MAPI), Microsoft Exchange, Post Office Protocol (POP), Simple Mail Transfer Protocol (SMTP), or the like.
  • IMAP Internet Message Access Protocol
  • MAPI Messaging Application Programming Interface
  • PMP Post Office Protocol
  • SMTP Simple Mail Transfer Protocol
  • the computer system 900 may implement a mail client stored program component.
  • the mail client may be a mail viewing application, such as Apple Mail, Microsoft Entourage, Microsoft Outlook, Mozilla Thunderbird, etc.
  • a computer-readable storage medium refers to any type of physical memory on which information or data readable by a processor may be stored.
  • a computer-readable storage medium may store instructions for execution by one or more processors, including instructions for causing the processor(s) to perform steps or stages consistent with the embodiments described herein.
  • the term "computer- readable medium" should be understood to include tangible items and exclude carrier waves and transient signals, i.e., be non-transitory. Examples include Random Access Memory (RAM), Read-Only Memory (ROM), volatile memory, nonvolatile memory, hard drives, CD ROMs, DVDs, flash drives, disks, and any other known physical storage media.
  • Embodiment of the present disclosure provides a secure authentication process for transactions that occur over a communication network.
  • the finger swipe marks on the display screen of the computing device will not enable a hacker to unlock the device.
  • a different grid is displayed each time, thereby making hacking of the user PIN difficult to hack.
  • the user never enters the digits of the PIN on the computing device, thereby enhancing security of the PIN.
  • the described operations may be implemented as a method, system or article of manufacture using standard programming and/or engineering techniques to produce software, firmware, hardware, or any combination thereof.
  • the described operations may be implemented as code maintained in a "non-transitory computer readable medium", where a processor may read and execute the code from the computer readable medium.
  • the processor is at least one of a microprocessor and a processor capable of processing and executing the queries.
  • a non- transitory computer readable medium may comprise media such as magnetic storage medium (e.g., hard disk drives, floppy disks, tape, etc.), optical storage (CD-ROMs, DVDs, optical disks, etc.), volatile and non-volatile memory devices (e.g., EEPROMs, ROMs, PROMs, RAMs, DRAMs, SRAMs, Flash Memory, firmware, programmable logic, etc.), etc.
  • non- transitory computer-readable media comprise all computer-readable media except for a transitory.
  • the code implementing the described operations may further be implemented in hardware logic (e.g., an integrated circuit chip, Programmable Gate Array (PGA), Application Specific Integrated Circuit (ASIC), etc.). Still further, the code implementing the described operations may be implemented in
  • transmission signals where transmission signals may propagate through space or through a transmission media, such as an optical fiber, copper wire, etc.
  • the transmission signals in which the code or logic is encoded may further comprise a wireless signal, satellite transmission, radio waves, infrared signals, Bluetooth, etc.
  • the transmission signals in which the code or logic is encoded is capable of being transmitted by a transmitting station and received by a receiving station, where the code or logic encoded in the transmission signal may be decoded and stored in hardware or a non-transitory computer readable medium at the receiving and transmitting stations or devices.
  • An “article of manufacture” comprises non-transitory computer readable medium, hardware logic, and/or transmission signals in which code may be implemented.
  • a device in which the code implementing the described embodiments of operations is encoded may comprise a computer readable medium or hardware logic.
  • the code implementing the described embodiments of operations may comprise a computer readable medium or hardware logic.
  • an embodiment means “one or more (but not all) embodiments of the invention(s)" unless expressly specified otherwise.

Abstract

Embodiments of the present disclosure disclose a method and system for determining user PIN using a computing device. In an embodiment, an application on the computing device displays a matrix structure with random number sequences along the row and column of the matrix. The matrix cell corresponding to the intersection of the digits in respective row and column is colored in different colors. The user selects one or more colors corresponding to the user PIN. The selected colors are sent to the server for determining PIN of the user. In an alternate embodiment, the present disclosure uses the eye gestures on the computing device for recognizing the PIN entered by the user.

Description

Method and system for secure PIN entry on computing devices.
TECHNICAL FIELD The present subject matter is related, in general to secure entry of credentials such as personal identification numbers (PINs), and more particularly, but not exclusively to a method and a server for secure PIN entry on computing devices.
BACKGROUND
Portable personal computing devices such as smart phones, Personal Digital Assistants (PDAs), portable computers, tablet computers and audio devices such as digital music players have become ubiquitous in recent years. This opens up the possibility of many different mobile applications such as mobile banking, mobile payment, mobile commerce, and person-to-person money transfer, among others.
One of most important aspects of these applications is the authentication of the user and verification of the identity. In many systems, the authentication is done by using a 4 to 12 digits number called a Personal Identification Number (PIN). The PIN is a number known only to that person and not to anyone else.
Accepting PIN entry by using software running on computing devices and by using the keys or touch screens on the mobile devices are inherently insecure. This is because the personal identification number (PIN) is considered weak against shoulder surfing or a recording attack by a third person, or a spyware/key logger attack since a password of a user is exposed as it is.
One most widely used method for user PIN entry is the pattern lock. The pattern locking is very popular because of its interesting and fun way to unlock the mobile unlike a password entry mechanism. However, this pattern lock is vulnerable because of following reasons. Firstly, if anyone sees the pattern while unlocking by the user, they can easily remember and can hack the pattern. This is because the dots are connected via line and the connected dots are adjacent to each other. Secondly, if the screen of the mobile phone is closely observed immediately after it is unlocked, finger swipe marks can be seen on the screen which in turn leads to hacking the pattern. Gesture unlock patterns set up by an authorized user can be discovered by viewing the finger smudge path on the glass. This smudge path is particularly visible when the screen is dark and the unlock gesture is traced out many times in a more intentional fashion where the user exerts more finger pressure.
Accordingly there is need for a method for providing secure method of PIN entry on computing devices.
SUMMARY
One or more shortcomings of the prior art are overcome and additional advantages are provided through the present disclosure. Additional features and advantages are realized through the techniques of the present disclosure. Other embodiments and aspects of the disclosure are described in detail herein and are considered a part of the claimed disclosure.
Disclosed herein is a method of determining a user PIN using a computing device. The method comprises receiving, by a server, a request for a matrix for entering PIN from the computing device. The method further comprises generating a matrix along with at least one of a random sequence identifier for each row and column of the matrix and cell alphabet indices. In an embodiment, a cell of the matrix with coinciding row and column random sequence identifier is colored with a unique color. The method further comprises providing the matrix along with a predefined sequence and at least one of cell alphabet indices and the random sequence identifier of each row. The matrix and the random sequence identifier of each row is displayed on a display of the computing device. The method further comprises receiving at least one of Red Green Blue (RGB) value of a selected colored cell and the cell alphabet indices of the selected colored cell in the predefined sequence. The method further comprises determining the PIN based on the predefined sequence and at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell. In an aspect of the present disclosure, a server for determining a user PIN using a computing device is disclosed. The system comprises a processor and a memory communicatively coupled to the processor. The memory stores processor-executable instructions which on execution, causes the processor to receive a request for a matrix for entering PIN from the computing device. Then, the processor generates a matrix along with at least one of a random sequence identifier for each row and column of the matrix and cell alphabet indices, wherein a cell of the matrix with coinciding row and column random sequence identifier is colored with a unique color. Further, the processor provides the matrix along with a predefined sequence and at least one of cell alphabet indices and the random sequence identifier of each row, wherein the matrix and the random sequence identifier of each row is displayed on a display of the computing device. Then, the processor receives at least one of Red Green Blue (RGB) value of a selected colored cell and the cell alphabet indices of the selected colored cell in the predefined sequence. Further, the processor determines the PIN based on the predefined sequence and at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell.
Disclosed herein is a method of providing non-touch based detection of the PIN using a computing device. The method comprises providing, by a server, a plurality of digits for displaying on a display of the computing device along with a predefined sequence for encrypting a PIN. The method comprises receiving selection of one or more digits of the plurality of digits defining the PIN from the computing device. The selection of one or more digits is determined through an image capturing unit associated to the computing device by tracking eye geometry of the user and the one or more digits are encrypted using the predefined sequence. Then, the method comprises decrypting the one or more encrypted digits using the predefined sequence to detect the PIN.
In an aspect of the present disclosure, a server for providing non-touch based detection of the PIN using a computing device is disclosed. The system comprises a processor and a memory communicatively coupled to the processor. The memory stores processor-executable instructions which on execution, causes the processor to provide a plurality of digits for displaying on a display of the computing device along with a predefined sequence for encrypting a PIN. Then, the processor receives selection of one or more digits of the plurality of digits defining the PIN from the computing device. The selection of one or more digits is determined through an image capturing unit associated to the computing device by tracking eye geometry of the user, and wherein the one or more digits are encrypted using the predefined sequence. Further, the processor decrypts the one or more encrypted digits using the predefined sequence to detect the entered PIN.
The foregoing summary is illustrative only and is not intended to be in any way limiting. In addition to the illustrative aspects, embodiments, and features described above, further aspects, embodiments, and features will become apparent by reference to the drawings and the following detailed description.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS
The accompanying drawings, which are incorporated in and constitute a part of this disclosure, illustrate exemplary embodiments and, together with the description, serve to explain the disclosed principles. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. The same numbers are used throughout the figures to reference like features and components. Some embodiments of system and/or methods in accordance with embodiments of the present subject matter are now described, by way of example only, and with reference to the accompanying figures, in which:
Fig. 1 illustrates a block diagram of exemplary network architecture for determining user PIN in accordance with some embodiments of the present disclosure;
Fig. 2 illustrates a block diagram of computing device for determining user PIN in accordance with some embodiments of the present disclosure;
Fig. 3A and 3B illustrates exemplary embodiments of user interface of computing device to determine user PIN in accordance with some embodiments of the present disclosure;
Fig. 4 shows a flowchart illustrating a method for determining user PIN in accordance with some embodiments of the present disclosure; and Fig. 5 illustrates a block diagram of computing device for providing non-touch based detection of PIN in accordance with some embodiments of the present disclosure; Figs. 6A and 6B illustrate exemplary embodiments of user interface of computing device for providing non-touch based detection of PIN in accordance with some embodiments of the present disclosure;
Fig. 7 shows a flowchart illustrating a method for providing non-touch based detection of PIN in accordance with some embodiments of the present disclosure; and
Fig. 8 shows a flowchart illustrating a method for determining selection of digits of PIN in accordance with some embodiments of the present disclosure; and Fig. 9 illustrates a block diagram of an exemplary computer system for implementing embodiments consistent with the present disclosure.
It should be appreciated by those skilled in the art that any block diagrams herein represent conceptual views of illustrative systems embodying the principles of the present subject matter. Similarly, it will be appreciated that any flow charts, flow diagrams, state transition diagrams, pseudo code, and the like represent various processes which may be substantially represented in computer readable medium and executed by a computer or processor, whether or not such computer or processor is explicitly shown. DETAILED DESCRD7TION
In the present document, the word "exemplary" is used herein to mean "serving as an example, instance, or illustration." Any embodiment or implementation of the present subject matter described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments.
While the disclosure is susceptible to various modifications and alternative forms, specific embodiment thereof has been shown by way of example in the drawings and will be described in detail below. It should be understood, however that it is not intended to limit the disclosure to the particular forms disclosed, but on the contrary, the disclosure is to cover all modifications, equivalents, and alternative falling within the spirit and the scope of the disclosure. The terms "comprises", "comprising", or any other variations thereof, are intended to cover a non-exclusive inclusion, such that a setup, device or method that comprises a list of components or steps does not include only those components or steps but may include other components or steps not expressly listed or inherent to such setup or device or method. In other words, one or more elements in a system or apparatus proceeded by "comprises... a" does not, without more constraints, preclude the existence of other elements or additional elements in the system or apparatus.
Embodiments of the present disclosure are related to a method and a system for determining user PIN using a computing device. In an embodiment, the user does not enter original PIN on the display screen of the computing device. The application on the computing device comprises a matrix structure with random number sequences along the row and column of the matrix. The matrix cell corresponding to the intersection of the digits in respective row and column is colored in different colors. The user selects one or more colors corresponding to the user PIN. The selected colors are sent to the server for determining PIN of the user. In an embodiment, the selected colors are transmitted in a different order to the server for providing additional security. The server upon receiving the information on the selected colors, deciphers and determines the user ΡΓ .
In an embodiment, the present disclosure provides a non-touch based detection of PIN using a computing device. In this embodiment, the user gazes at a location on display screen of computing device indicating a digit corresponding to user PIN on the screen. Then, the user closes eye lid to confirm the gaze. An image capturing unit records the geometry of the location and transmits the information to the server which would in turn detect which digit displayed on the screen was selected. Also, the server would send a mask to the computing device which masks the actual PIN and send the mask back to the server.
In the following detailed description of the embodiments of the disclosure, reference is made to the accompanying drawings that form a part hereof, and in which are shown by way of illustration specific embodiments in which the disclosure may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the disclosure, and it is to be understood that other embodiments may be utilized and that changes may be made without departing from the scope of the present disclosure. The following description is, therefore, not to be taken in a limiting sense.
Fig. 1 illustrates a block diagram of exemplary network architecture for determining user PIN in accordance with some embodiments of the present disclosure.
The network architecture comprises one or more computing devices 102A, 102B,..., 102N (collectively referred to as 102) connected to a server 106 through a network 104. The computing device 102 is configured to authenticate the user of the computing device. The authentication may be for any purpose, including but not limiting to, accessing the computing device, accessing particular applications of the computing device, authenticating user for performing a transaction etc. The computing device 102 receives a masked PIN entered by a user and transmits the masked PIN to the server for determining the actual PIN. Examples of the server 102 include, but are not limited to, a laptop computer, a desktop computer, a notebook, a workstation, a mainframe computer, a server, a network server, and the like.
The computing device 102 may include at least one central processing unit ("CPU" or "processor") 108 and a memory 110 storing instructions executable by the at least one processor 108. The processor 108 may comprise at least one data processor for executing program components for executing user- or system-generated requests. A user may include a person, a person using a device such as those included in this disclosure, or such a device itself. The memory 110 is communicatively coupled to the processor 108.
The computing device 102 further comprises an I/O interface 112 and a display 114. The I/O interface 112 is coupled with the processor 108 through which the user input is received. The display 114 is used to display a user interface for input relating to user PIN. An exemplary embodiment of user interface is illustrated in Fig. 3A. The user interface comprises a grid structure comprising grid cells. As an example, the grid is a 10-by-lO matrix. In an embodiment, a random digit sequence is displayed along one of the row 302 and column 304 of grid cells of the matrix to serve as a guide. In the following examples the row random digit sequence is displayed. However, a person skilled in the art would understand that the method will perform even when column random digit sequence is displayed. Further, the grid cell corresponding to intersection of the digits in respective row and column is colored with a predefined color. As an example, the grid cell that corresponds to intersection of digit 4 in row and column of the grid is colored in 'black'.
In an embodiment, a random digit sequence and random alphabet sequence is displayed along one of the rows 302, 306 and columns 304, 308 of grid cells of the matrix to serve as a guide. The grid cell corresponding to intersection of the digits in respective row and column is colored with a predefined color. As an example, the grid cell that corresponds to intersection of digit 4 in row and column of the grid is colored in 'black'. Note that while a 10-by-lO grid is used to illustrate various embodiments, other grid sizes may also be incorporated. Also, the grid cells may be of any shape like square, circle, oval etc. without departing from the scope of the present disclosure. The display 114 is also configured to act as user interface, thereby receiving input from the user. The input from the user can be any input that results from contact or contactless gesture with the user interface. Contact input can either be made directly, such as touching a user interface with a finger, or indirectly by using an implement, such as a stylus, to act as an intermediary. Contactless input can be air gesture like swiping, pointing in the air in front of the user interface. A non- exhaustive list of user interfaces capable of detecting tactile input includes: touch screens, knobs, dials, buttons, switches, joy sticks, and levers, for example.
As an example, the computing device 102 may include, but are not limited to, smart phones, tablets, Global Positioning System (GPS) receivers, Television (TV) remote controls, personal digital assistants (PDAs), audio- and video-file players (e.g., MP3 players and iPODs), digital cameras, ATM Machines, and e-book readers (e.g., Kindles and Nooks). For purposes of these teachings, a computing device can be any device that comprises at least one user interface, is capable of receiving input from the user, and provide access to the user based on the input. Fig. 4 shows a flowchart illustrating a method for determining user PIN using the computing device 102 in accordance with some embodiments of the present disclosure. As illustrated in Figure 4, the method comprises one or more blocks for determining user PIN using the computing device 102. The method may be described in the general context of computer executable instructions. Generally, computer executable instructions can include routines, programs, objects, components, data structures, procedures, modules, and functions, which perform particular functions or implement particular abstract data types.
The order in which the method is described is not intended to be construed as a limitation, and any number of the described method blocks can be combined in any order to implement the method. Additionally, individual blocks may be deleted from the methods without departing from the spirit and scope of the subject matter described herein. Furthermore, the method can be implemented in any suitable hardware, software, firmware, or combination thereof.
The method is initiated when a user performs any function on the computing device 102 and an authentication is required to perform the function.
At block 410, receive a request for a matrix for entering PIN from the computing device 102. Once the user is required to be authenticated, a request for providing a matrix is sent from the computing device 102 to the server 104. The matrix is used by the user to enter PIN for authenticating the user. The request from the computing device 102 comprises an identification of the computing device 102. As an example, if the computing device 102 is a mobile phone, a mobile number of the mobile phone is transmitted along with the request.
At block 420, generate a matrix along with at least one of random sequence identifier for each row and column of the matrix and cell alphabet indices. In an embodiment, a cell of the matrix with coinciding row and column random sequence identifier is colored with a unique color. An exemplary representation of the matrix is illustrated in Fig. 3A.
At block 430, provide the matrix along with a predefined sequence and at least one of cell alphabet indices and the random sequence identifier of each row. First, the server 104 transmits only the matrix without the random sequence identifier. Upon receiving the matrix, the computing device 102 transmits a request for the random sequence number of row of the matrix. The server 104 then transmits the row random sequence number to the computing device 102.
In an embodiment, the server 104 additionally transmits a predefined sequence in which the user PIN has to be sent back to the server 104. For example, if the PIN is a 4 digit PIN, the server may require the PIN to be sent in an order. For example, the order may be third digit followed by first digit followed by fourth digit followed by second digit. This step provides further security in a way that the correct PIN may not be decrypted while being transmitted through network.
Now, the matrix and the random sequence identifier of each row are displayed on a display 114 of the computing device 102. The user of the computing device 102 enters the PIN on the display 114 of the computing device 102. In an exemplary embodiment and as illustrated in Fig. 3A, if the PIN is 7084, the user looks for the row in which digit 7 is placed. In the illustrated figure digit 7 is displayed in row 8. So, the user selects the grid cell which is colored "purple" in the matrix. Next digit is 0, hence the user looks for the row 4 and selects the grid cell colored "orange". Similarly, the user selects "blue" and "black" grid cells for digits 8 and 4 respectively. In an embodiment, the user can touch/ gesture over a colored grid cell to select the grid cell and thereby enter the PIN.
At block 440, receive at least one of Red Green Blue (RGB) value of a selected colored cell and the cell alphabet indices of the selected colored cell in the predefined sequence. The color equivalent of the PIN 7084 is purple, orange, blue and black. The RGB information of each of these colors is sent to the server 104. Based on the predefined sequence, which could be 3214, the sequence in which the RGB information is sent is changed as blue, orange, purple and black.
At block 450, determine the PIN based on the predefined sequence and at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell. The server 104 rearranges the colors based on the sequencer information. For example, the server 104 receives colors in the order blue, orange, purple and black, and rearranges the color in the order of purple, orange, blue and black. Once the colors are rearranged, the RGB information is mapped onto the grid matrix that was sent to the computing device 102. The PIN is deciphered from the matrix and used for further processing in the server 104.
An alternate embodiment, of the above method is explained below with the help of illustration illustrated in Fig. 3B. At block 410, receive a request for a matrix for entering PIN from the computing device 102. Once the user is required to be authenticated, a request for providing a matrix is sent from the computing device 102 to the server 104. The matrix is used by the user to enter PIN for authenticating the user. The request from the computing device 102 comprises an identification of the computing device 102. As an example, if the computing device 102 is a mobile phone, a mobile number of the mobile phone is transmitted along with the request.
At block 420, generate a matrix along with at least one of random sequence identifier for each row and column of the matrix and cell alphabet indices. In an embodiment, a cell of the matrix with coinciding row and column random sequence identifier is colored with a unique color. An exemplary representation of the matrix is illustrated in Fig. 3B.
At block 430, provide the matrix along with a predefined sequence and at least one of cell alphabet indices and the random sequence identifier of each row. First, the server 104 transmits only the matrix without the random sequence identifier. Upon receiving the matrix, the computing device 102 transmits a request for the random sequence number of row of the matrix. The server 104 then transmits the row random sequence number 302, 304 and alphabets 306, 308 corresponding to the row and column of the matrix to the computing device 102. In an embodiment, the server 104 additionally transmits a predefined sequence in which the user PIN has to be sent back to the server 104. Now, the matrix and the random sequence identifier of each row are displayed on a display 114 of the computing device 102.
The user of the computing device 102 enters the PIN on the display 114 of the computing device 102. In an exemplary embodiment and as illustrated in Fig. 3B, if the PIN is 7084, the user looks for the row in which digit 7 is placed. In the illustrated figure digit 7 is displayed in row 8. So, the user selects the grid cell which is colored "purple" in the matrix. Internally, the mobile application denotes the selected grid cell as [Z,E]. Next digit is 0, hence the user looks for the row 4 and selects the grid cell colored "orange". The computing device 102 denotes this grid cell as [J,P]. Similarly, the user selects "blue" and "black" grid cells for digits 8 and 4 respectively. These grid cells are denoted as [Q,B] and [M,Q] respectively in the mobile application. In an embodiment, the user can touch/ gesture over a colored grid cell to select the grid cell and thereby enter the PIN.
At block 440, receive at least one of Red Green Blue (RGB) value of a selected colored cell and the cell alphabet indices of the selected colored cell in the predefined sequence. The cell alphabet indices of the user PIN is denoted by [Z,E][J,P][Q,B][M,Q]. Now assuming that the predefined sequence sent by the server 104 is 3412, the cell indices is sent as [Q,B][M,Q][Z,E][J,P] to the server 104.
At block 450, determine the PIN based on the predefined sequence and at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell. The server 104 rearranges the colors based on the sequencer information. Once the cell alphabet indices are rearranged, the cell alphabet indices information is mapped onto the grid matrix that was sent to the computing device 102. The PIN is deciphered from the matrix and used for further processing in the server.
Fig. 5 illustrates a block diagram of computing device for providing non-touch based detection of PIN in accordance with second embodiment of the present disclosure. In the second embodiment, eye gesture of the user is used to determine the PIN entered by the user. The network architecture is similar to the architecture described in Fig. 1. The architecture comprises a computing device 502 connected to a server 104 through a communication network 106. The computing device 502 used for implementing the second embodiment in described in Fig. 5. The computing device comprises the processor 108, the memory 110, the interface 112, and the display 114 similar to the computing device 102. Additionally, the computing device 502 comprises an image capturing unit 116. The image capturing unit 504 is configured to capture eye gesture of the user for determining PIN entered by eye gesture. Fig. 7 shows a flowchart illustrating a method for providing non-touch based detection of PIN in accordance with some embodiments of the present disclosure.
As illustrated in Figure 7, the method comprises one or more blocks for providing non- touch based detection of PIN. The method may be described in the general context of computer executable instructions. Generally, computer executable instructions can include routines, programs, objects, components, data structures, procedures, modules, and functions, which perform particular functions or implement particular abstract data types. The order in which the method is described is not intended to be construed as a limitation, and any number of the described method blocks can be combined in any order to implement the method. Additionally, individual blocks may be deleted from the methods without departing from the spirit and scope of the subject matter described herein. Furthermore, the method can be implemented in any suitable hardware, software, firmware, or combination thereof.
The method is initiated when a user performs any function on the computing device 102 and an authentication is required to perform the function. At block 710, provide a plurality of digits for displaying on a display 114 of the computing device 502 along with a predefined sequence for encrypting a PIN. In an embodiment, an exemplary computing device 502 with plurality of digits displayed on the display 114 is illustrated in Fig. 6 A. It is apparent to a person skilled in the art that the digits may be placed in any random fashion in the display 114 of the computing device 502. As an example, the server 104 provides a screen layout of randomly placed digits 0-9.
At block 720, receive selection of one or more digits of the plurality of digits defining the PIN from the computing device 502. In an embodiment, the selection of one or more digits is determined through an image capturing unit 504 associated to the computing device 502 by tracking eye geometry of the user. An exemplary illustration of image capturing unit 504 capturing the eye gesture of the user is illustrated in Fig. 6B. The method of determining selection of digits of PIN is described in Fig. 8. At block 810, determine gazing on a predefined location of the display by the user for a predefined amount of time. The user of the computing device 502 gazes at digits displayed on the display 114 of the computing device 502. At block 820, determine closing of the eye lid by the user. The image capturing unit 504 captures the gaze of the eye on the particular digit. Then, after a few seconds, the user blinks the eyes indicating the recognition of that particular digit in the PIN on the display 114.
At block 830, determine geometry of the predefined location. The image captured by the image capturing unit 504 is transmitted to the processor 108 of the computing device 502. Based on the information from the image capturing unit 504, the computing device 502 calculates the angle subtended between the image capturing unit 504, the eye and selected digit.
At block 840, determine a digit corresponding to the geometry. Based on the angle, the computing device 502 determines the digit of the PIN selected by the user. In an exemplary embodiment, one or more angles may be mapped to a certain pixel location on the display 114. The pixel location may be in turn mapped to a corresponding digit.
Similarly the other digits of the PIN are determined using the same process defined above. Then, the digits of the PIN are encrypted using the predefined sequence provided by the server 104.
Referring back to method of Fig. 7, at block 730, decrypt the one or more encrypted digits using the predefined sequence to detect the entered PIN. The processing of the PIN is performed in the same way which is explained hereinabove,
Computer System
Figure 9 illustrates a block diagram of an exemplary computer system 900 for implementing embodiments consistent with the present disclosure. In an embodiment, the computer system 900 is used to implement the computing device 100. The computer system 900 monitors the health condition of a subject. The computer system 900 may comprise a central processing unit ("CPU" or "processor") 902. The processor 902 may comprise at least one data processor for executing program components for executing user- or system-generated business processes. A user may include a person, a person using a device such as those included in this disclosure, or such a device itself. The processor 902 may include specialized processing units such as integrated system (bus) controllers, memory management control units, floating point units, graphics processing units, digital signal processing units, etc.
The processor 902 may be disposed in communication with one or more input/output (I/O) devices (911 and 912) via I/O interface 901. The I/O interface 901 may employ communication protocols/methods such as, without limitation, audio, analog, digital, monoaural, RCA, stereo, IEEE- 1394, serial bus, universal serial bus (USB), infrared, PS/2, BNC, coaxial, component, composite, digital visual interface (DVT), high-definition multimedia interface (HDMI), RF antennas, S-Video, VGA, IEEE 802.n /b/g/n/x, Bluetooth, cellular (e.g., code- division multiple access (CDMA), high-speed packet access (HSPA+), global system for mobile communications (GSM), long-term evolution (LTE), WiMax, or the like), etc. Using the I/O interface 901, the computer system 900 may communicate with one or more I/O devices (911 and 912). For example, the input device 911 may be an antenna, keyboard, mouse, joystick, (infrared) remote control, camera, card reader, fax machine, dongle, biometric reader, microphone, touch screen, touchpad, trackball, stylus, scanner, storage device, transceiver, video device/source, etc. The output device 912 may be a printer, fax machine, video display (e.g., cathode ray tube (CRT), liquid crystal display (LCD), light-emitting diode (LED), plasma, Plasma display panel (PDP), Organic light-emitting diode display (OLED) or the like), audio speaker, etc.
In some embodiments, the processor 902 may be disposed in communication with a communication network 909 via a network interface 903. The network interface 903 may communicate with the communication network 909. The network interface 903 may employ connection protocols including, without limitation, direct connect, Ethernet (e.g., twisted pair 10/100/1000 Base T), transmission control protocol/internet protocol (TCP/IP), token ring, IEEE 802.11a/b/g/n/x, etc. The communication network 909 may include, without limitation, a direct interconnection, local area network (LAN), wide area network (WAN), wireless network (e.g., using Wireless Application Protocol), the Internet, etc. Using the network interface 903 and the communication network 909, the computer system 900 may communicate with server 910. In some embodiments, the processor 902 may be disposed in communication with a memory 905 (e.g., RAM, ROM, etc. not shown in figure 9) via a storage interface 904. The storage interface 904 may connect to memory 905 including, without limitation, memory drives, removable disc drives, etc., employing connection protocols such as serial advanced technology attachment (SAT A), Integrated Drive Electronics (IDE), IEEE- 1394, Universal Serial Bus (USB), fiber channel, Small Computer Systems Interface (SCSI), etc. The memory drives may further include a drum, magnetic disc drive, magneto-optical drive, optical drive, Redundant Array of Independent Discs (RAID), solid-state memory devices, solid-state drives, etc.
The memory 905 may store a collection of program or database components, including, without limitation, user interface application 906, an operating system 907, web server 908 etc. In some embodiments, computer system 900 may store user/application data 906, such as the data, variables, records, etc. as described in this disclosure. Such databases may be implemented as fault- tolerant, relational, scalable, secure databases such as Oracle or Sybase.
The operating system 907 may facilitate resource management and operation of the computer system 900. Examples of operating systems include, without limitation, Apple Macintosh OS X, Unix, Unix-like system distributions (e.g., Berkeley Software Distribution (BSD), FreeBSD, NetBSD, OpenBSD, etc.), Linux distributions (e.g., Red Hat, Ubuntu, Kubuntu, etc.), IBM OS/2, Microsoft Windows (XP, Vista/7/8, etc.), Apple lOS, Google Android, Blackberry OS, or the like. User interface 917 may facilitate display, execution, interaction, manipulation, or operation of program components through textual or graphical facilities. For example, user interfaces may provide computer interaction interface elements on a display system operatively connected to the computer system 900, such as cursors, icons, check boxes, menus, scrollers, windows, widgets, etc. Graphical user interfaces (GUIs) may be employed, including, without limitation, Apple Macintosh operating systems' Aqua, IBM OS/2, Microsoft Windows (e.g., Aero, Metro, etc.), Unix X-Windows, web interface libraries (e.g., ActiveX, Java, Javascript, AJAX, HTML, Adobe Flash, etc.), or the like.
In some embodiments, the computer system 900 may implement a web browser 908 stored program component. The web browser may be a hypertext viewing application, such as Microsoft Internet Explorer, Google Chrome, Mozilla Firefox, Apple Safari, etc. Secure web browsing may be provided using HTTPS (secure hypertext transport protocol), secure sockets layer (SSL), Transport Layer Security (TLS), etc. Web browsers may utilize facilities such as AJAX, DHTML, Adobe Flash, JavaScript, Java, application programming interfaces (APIs), etc. In some embodiments, the computer system 900 may implement a mail server 919 stored program component. The mail server may be an Internet mail server such as Microsoft Exchange, or the like. The mail server may utilize facilities such as ASP, ActiveX, ANSI C++/C#, Microsoft .NET, CGI scripts, Java, JavaScript, PERL, PHP, Python, WebObjects, etc. The mail server may utilize communication protocols such as Internet Message Access Protocol (IMAP), Messaging Application Programming Interface (MAPI), Microsoft Exchange, Post Office Protocol (POP), Simple Mail Transfer Protocol (SMTP), or the like. In some embodiments, the computer system 900 may implement a mail client stored program component. The mail client may be a mail viewing application, such as Apple Mail, Microsoft Entourage, Microsoft Outlook, Mozilla Thunderbird, etc.
Furthermore, one or more computer-readable storage media may be utilized in implementing embodiments consistent with the present disclosure. A computer-readable storage medium refers to any type of physical memory on which information or data readable by a processor may be stored. Thus, a computer-readable storage medium may store instructions for execution by one or more processors, including instructions for causing the processor(s) to perform steps or stages consistent with the embodiments described herein. The term "computer- readable medium" should be understood to include tangible items and exclude carrier waves and transient signals, i.e., be non-transitory. Examples include Random Access Memory (RAM), Read-Only Memory (ROM), volatile memory, nonvolatile memory, hard drives, CD ROMs, DVDs, flash drives, disks, and any other known physical storage media.
Advantages of the embodiment of the present disclosure are illustrated herein.
Embodiment of the present disclosure provides a secure authentication process for transactions that occur over a communication network. In an embodiment of the present disclosure, the finger swipe marks on the display screen of the computing device will not enable a hacker to unlock the device.
In an embodiment of the present disclosure, a different grid is displayed each time, thereby making hacking of the user PIN difficult to hack.
In an embodiment, the user never enters the digits of the PIN on the computing device, thereby enhancing security of the PIN. The described operations may be implemented as a method, system or article of manufacture using standard programming and/or engineering techniques to produce software, firmware, hardware, or any combination thereof. The described operations may be implemented as code maintained in a "non-transitory computer readable medium", where a processor may read and execute the code from the computer readable medium. The processor is at least one of a microprocessor and a processor capable of processing and executing the queries. A non- transitory computer readable medium may comprise media such as magnetic storage medium (e.g., hard disk drives, floppy disks, tape, etc.), optical storage (CD-ROMs, DVDs, optical disks, etc.), volatile and non-volatile memory devices (e.g., EEPROMs, ROMs, PROMs, RAMs, DRAMs, SRAMs, Flash Memory, firmware, programmable logic, etc.), etc. Further, non- transitory computer-readable media comprise all computer-readable media except for a transitory. The code implementing the described operations may further be implemented in hardware logic (e.g., an integrated circuit chip, Programmable Gate Array (PGA), Application Specific Integrated Circuit (ASIC), etc.). Still further, the code implementing the described operations may be implemented in
"transmission signals", where transmission signals may propagate through space or through a transmission media, such as an optical fiber, copper wire, etc. The transmission signals in which the code or logic is encoded may further comprise a wireless signal, satellite transmission, radio waves, infrared signals, Bluetooth, etc. The transmission signals in which the code or logic is encoded is capable of being transmitted by a transmitting station and received by a receiving station, where the code or logic encoded in the transmission signal may be decoded and stored in hardware or a non-transitory computer readable medium at the receiving and transmitting stations or devices. An "article of manufacture" comprises non-transitory computer readable medium, hardware logic, and/or transmission signals in which code may be implemented. A device in which the code implementing the described embodiments of operations is encoded may comprise a computer readable medium or hardware logic. Of course, those skilled in the art will recognize that many modifications may be made to this configuration without departing from the scope of the invention, and that the article of manufacture may comprise suitable information bearing medium known in the art.
The terms "an embodiment", "embodiment", "embodiments", "the embodiment", "the embodiments", "one or more embodiments", "some embodiments", and "one embodiment" mean "one or more (but not all) embodiments of the invention(s)" unless expressly specified otherwise.
The terms "including", "comprising", "having" and variations thereof mean "including but not limited to", unless expressly specified otherwise.
The enumerated listing of items does not imply that any or all of the items are mutually exclusive, unless expressly specified otherwise.
The terms "a", "an" and "the" mean "one or more", unless expressly specified otherwise.
A description of an embodiment with several components in communication with each other does not imply that all such components are required. On the contrary a variety of optional components are described to illustrate the wide variety of possible embodiments of the invention. When a single device or article is described herein, it will be readily apparent that more than one device/article (whether or not they cooperate) may be used in place of a single device/article. Similarly, where more than one device or article is described herein (whether or not they cooperate), it will be readily apparent that a single device/article may be used in place of the more than one device or article or a different number of devices/articles may be used instead of the shown number of devices or programs. The functionality and/or the features of a device may be alternatively embodied by one or more other devices which are not explicitly described as having such functionality/features. Thus, other embodiments of the invention need not include the device itself. The illustrated operations of Figures 4, 7 and 8 show certain events occurring in a certain order. In alternative embodiments, certain operations may be performed in a different order, modified or removed. Moreover, steps may be added to the above described logic and still conform to the described embodiments. Further, operations described herein may occur sequentially or certain operations may be processed in parallel. Yet further, operations may be performed by a single processing unit or by distributed processing units.
Finally, the language used in the specification has been principally selected for readability and instructional purposes, and it may not have been selected to delineate or circumscribe the inventive subject matter. It is therefore intended that the scope of the invention be limited not by this detailed description, but rather by any claims that issue on an application based here on. Accordingly, the disclosure of the embodiments of the invention is intended to be illustrative, but not limiting, of the scope of the invention, which is set forth in the following claims.
While various aspects and embodiments have been disclosed herein, other aspects and embodiments will be apparent to those skilled in the art. The various aspects and embodiments disclosed herein are for purposes of illustration and are not intended to be limiting, with the true scope and spirit being indicated by the following claims.
Referral Numerals;
Reference Number Description
102A, 102B,... ,
Computing device
102N (102)
104 Server
106 Network
108 Processor
110 Memory
112 Interface 114 Display
502 Computing Device
504 Image Capturing Unit
900 Computer System
5
901 I/O Interface
902 Processor
903 Network Interface
904 Storage Interface
905 Memory
906 User Interface Application
907 Operating System
908 Web Browser
909 Network
910 Server
911 Input Device
912 Output Device

Claims

We claim:
1. A method of determining a user PIN using a computing device, the method comprising:
receiving, by a server, a request for a matrix for entering PIN from the computing device;
generating, by the server, a matrix along with at least one of a random sequence identifier for each row and column of the matrix and cell alphabet indices, wherein a cell of the matrix with coinciding row and column random sequence identifier is colored with a unique color;
providing, by the server, the matrix along with a predefined sequence and at least one of cell alphabet indices and the random sequence identifier of each row, wherein the matrix and the random sequence identifier of each row is displayed on a display of the computing device;
receiving, by the server, at least one of Red Green Blue (RGB) value of a selected colored cell and the cell alphabet indices of the selected colored cell in the predefined sequence; and
determining, by the server, the PIN based on the predefined sequence and at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell.
2. The method as claimed in claim 1, wherein the predefined sequence is the sequence in which the server intends to receive the at least one of Red Green Blue (RGB) value of the selected colored cell and the cell alphabet indices of the selected colored cell.
3. The method as claimed in claim 1, wherein the at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell is received upon selection of a colored cell corresponding to a digit of the PIN from the computing device.
4. The method as claimed in claim 1, wherein determining the PIN comprises:
arranging the at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell based on the predefined sequence; and deciphering the at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell to determine the PIN.
The method as claimed in claim 4, wherein each of the at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell is mapped with a digit of the PIN.
The method as claimed in claim 1, wherein the request for the matrix for entering PIN from the computing device comprises identification of the computing device.
A server for determining a user PIN using a computing device, comprising:
a processor; and
a memory communicatively coupled to the processor, wherein the memory stores processor-executable instructions, which, on execution, causes the processor to:
receiving a request for a matrix for entering PIN from the computing device;
generating a matrix along with at least one of a random sequence identifier for each row and column of the matrix and cell alphabet indices, wherein a cell of the matrix with coinciding row and column random sequence identifier is colored with a unique color;
providing the matrix along with a predefined sequence and at least one of cell alphabet indices and the random sequence identifier of each row, wherein the matrix and the random sequence identifier of each row is displayed on a display of the computing device;
receiving at least one of Red Green Blue (RGB) value of a selected colored cell and the cell alphabet indices of the selected colored cell in the predefined sequence; and
determining the PIN based on the predefined sequence and at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell.
8. The server as claimed in claim 7, wherein the predefined sequence is the sequence in which the server intends to receive the at least one of Red Green Blue (RGB) value of the selected colored cell and the cell alphabet indices of the selected colored cell.
9. The server as claimed in claim 7, wherein the at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell is received upon selection of a colored cell corresponding to a digit of the PIN from the computing device.
10. The server as claimed in claim 7, wherein determining the PIN comprises:
arranging the at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell based on the predefined sequence; and
deciphering the at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell to determine the PIN.
11. The server as claimed in claim 10, wherein each of the at least one of RGB value of the selected colored cell and the cell alphabet indices of the selected colored cell is mapped with a digit of the PIN.
12. The server as claimed in claim 10, wherein the request for the matrix for entering PIN from the computing device comprises identification of the computing device.
13. A method of providing non-touch based detection of PIN using a computing device, the method comprising:
providing, by a server, a plurality of digits for displaying on a display of the computing device along with a predefined sequence for encrypting a PIN;
receiving, by the server, selection of one or more digits of the plurality of digits defining the PIN from the computing device, wherein the selection of one or more digits is determined through an image capturing unit associated to the computing device by tracking eye geometry of the user, and wherein the one or more digits are encrypted using the predefined sequence; and
decrypting, by the server, the one or more encrypted digits using the predefined sequence to detect the PIN.
14. The method as claimed in claim 13, wherein the plurality of digits are randomly displayed on the display of the computing device.
15. The method as claimed in claim 13, wherein the digits are displayed in a predefined matrix pattern.
16. The method as claimed in claim 13, wherein the predefined sequence is the sequence in which the server intends to receive the selection of one or more digits.
17. The method as claimed in claim 13, wherein selection of one or more digits by tracking eye geometry of the user comprises:
determining gazing on a predefined location of the display unit by the user for a predefined amount of time;
determining closing of the eye lid by the user;
determining geometry of the predefined location; and
determining a digit corresponding to the geometry.
18. The method as claimed in claim 17, wherein each of the digits are mapped with one or more geometric disposition.
19. A server for providing non-touch based detection of PIN using a computing device, comprising:
a processor; and
a memory communicatively coupled to the processor, wherein the memory stores processor-executable instructions, which, on execution, causes the processor to:
provide a plurality of digits for displaying on a display unit of the computing device along with a predefined sequence for encrypting a PIN; receive selection of one or more digits of the plurality of digits defining the PIN from the computing device, wherein the selection of one or more digits is determined through an image capturing unit associated to the computing device by tracking eye geometry of the user, and wherein the one or more digits are encrypted using the predefined sequence; and decrypt the one or more encrypted digits using the predefined sequence to detect the PIN.
20. The server as claimed in claim 19, wherein the plurality of digits are randomly displayed on the display of the computing device.
21. The server as claimed in claim 19, wherein the digits are displayed in a predefined matrix pattern.
22. The server as claimed in claim 19, wherein the predefined sequence is the sequence in which the server intends to receive the selection of one or more digits.
23. The server as claimed in claim 19, wherein selection of one or more digits by tracking eye geometry of the user comprises:
determining gazing on a predefined location of the display by the user for a predefined amount of time;
determining closing of the eye lid by the user;
determining geometry of the predefined location; and
determining a digit corresponding to the geometry.
24. The server as claimed in claim 23, wherein each of the digits are mapped with one or more geometric disposition.
PCT/IB2016/050535 2015-02-04 2016-02-03 Method and system for secure pin entry on computing devices WO2016125083A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN378/MUM/2015 2015-02-04
IN378MU2015 2015-02-04

Publications (1)

Publication Number Publication Date
WO2016125083A1 true WO2016125083A1 (en) 2016-08-11

Family

ID=56563525

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2016/050535 WO2016125083A1 (en) 2015-02-04 2016-02-03 Method and system for secure pin entry on computing devices

Country Status (1)

Country Link
WO (1) WO2016125083A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090006941A1 (en) * 2007-06-29 2009-01-01 Funai Electric Co., Ltd. Password entry apparatus
US20090037986A1 (en) * 2007-07-24 2009-02-05 Next Access Technologies, Llc Non-disclosing password entry method
US20130321265A1 (en) * 2011-02-09 2013-12-05 Primesense Ltd. Gaze-Based Display Control

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090006941A1 (en) * 2007-06-29 2009-01-01 Funai Electric Co., Ltd. Password entry apparatus
US20090037986A1 (en) * 2007-07-24 2009-02-05 Next Access Technologies, Llc Non-disclosing password entry method
US20130321265A1 (en) * 2011-02-09 2013-12-05 Primesense Ltd. Gaze-Based Display Control

Similar Documents

Publication Publication Date Title
US10218506B1 (en) Cross-device authentication
US9038166B2 (en) Method and apparatus for authenticating password of user terminal
US20160232342A1 (en) Method and system for authenticating access
US9411465B2 (en) Systems and methods for generating a secure locking interface
US10140465B2 (en) Methods and systems for user authentication in a computer system using multi-component log-ins, including image-based log-ins
US20140098141A1 (en) Method and Apparatus for Securing Input of Information via Software Keyboards
US20140053254A1 (en) Graphical authentication system and method for anti-shoulder surfing attack
WO2018083088A1 (en) Method for securing a transaction performed from a non-secure terminal
US8904482B1 (en) Techniques for securing a one-time passcode with an alteration code
US20140380463A1 (en) Password setting and verification
US20140245433A1 (en) Password authentication
US8661532B2 (en) Method and apparatus for authenticating password
US20120256723A1 (en) Random location authentication
US20160127134A1 (en) User authentication system and method
US20140223378A1 (en) Graphical user interface (gui) that receives directional input to change face for receiving passcode
TWI525467B (en) Method and computer system for dynamically providing multi-dimensions based password/challenge authentication
CN105446636A (en) Dynamic unlocking method and electronic apparatus
US10362023B2 (en) Authentication information encryption server apparatuses, systems non-transitory computer readable mediums and methods for improving password security
CN101655768A (en) Anti-peep password input method
Mali et al. Advanced pin entry method by resisting shoulder surfing attacks
US20140149749A1 (en) Method and device for preventing logging of computer on-screen keyboard
US9614838B1 (en) Taking a picture of a one-time use passcode and using the picture to authenticate
US9501632B2 (en) Visual authentication to a computing device
KR101392537B1 (en) User memory method using plural one time password
US10380331B2 (en) Device authentication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16746201

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16746201

Country of ref document: EP

Kind code of ref document: A1