Abstract
In the realm of secure PIN entry methods, traditional direct input mechanisms have been prevalent but prone to vulnerabilities such as shoulder surfing and brute force attacks. To address these concerns, indirect PIN entry methods have emerged, offering enhanced security through challenges presented to users. However, existing indirect methods often demand significant cognitive effort, rendering them impractical for a wide range of users. In this paper, we propose an innovative approach to indirect PIN entry leveraging QR code technology, aimed at enhancing accessibility and usability while maintaining robust security. Our method involves the generation of challenges in QR code format, which users can effortlessly scan using a dedicated mobile application. We present the design and implementation of an ATM Simulator Web Application, developed using Flutter for the front-end and PHP for the back-end, as a proof of concept for our proposed method. Furthermore, we detail the challenge generation process, wherein original PINs are mapped to shuffled keys, and users are tasked with rearranging a keypad according to the challenge's instructions. Evaluation of our method demonstrates its efficacy in enhancing security while significantly reducing the cognitive burden on users. Through this work, we aim to contribute to the advancement of secure PIN entry methods, paving the way for more accessible and user-friendly authentication solutions in various domains.
Copyright
Copyright © 2024 Vishnu M. This is an open access article distributed under the Creative Commons Attribution License.