Security researchers have tested the first prototypes of a secure authentication system that could one day replace PIN entry at cash points.
Called Undercover, the system was developed by Carnegie Mellon University researcher Nicolas Christin and two graduate students, one associated with Sharp and the other with Mitsubishi. The researchers detailed the scheme in a recently published study.
The challenge was to get around the factors that make PIN entry so vulnerable - for instance, the fact that anyone with sharp eyes or a set of concealed cameras can easily observe what keys a user is tapping.
To deal with such "observation attacks," Undercover conceals not the user's response, but the challenge to which they are responding, or at least part of it.
The prototype entry system Christin decided upon uses a motor-controlled trackball and a keypad with five color-coded keys. The user places his left hand on the trackball, concealing it.
The system's challenge is to display on a screen a set of five images, one of which may be an image from a portfolio that the user has previously provided - for instance, a photo of a pet or a holiday snap. The user is asked to identify their own image, or to press a key signalling that none of the images are theirs.
The motor rotates the concealed trackball in a particular direction, which indicates the values assigned to the color-coded keys - something that, in theory, no onlooker would be able to observe. The user then enters their response on the keypad.
The advantage of this system is that it makes an observation attack drastically more difficult, the researchers said. "We have reduced the problem from hiding the complete challenge to hiding one (or a few) bit(s) of information," they wrote.
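The following is an added illustration of the challenge/response idea described above, not code from the Carnegie Mellon prototype or its paper. It assumes a simplified encoding: five colour keys (colour names are made up), five on-screen positions, and a hidden trackball motion that selects one of five cyclic shifts of the key-to-position assignment; the "none of these" answer is left out of the model. An observer who sees the images and the pressed key but nothing about the trackball cannot narrow down which image is the user's, while an observer who learns part of the hidden state (the "few bits" the researchers refer to) narrows the candidate set accordingly.

```python
import secrets

# Constructed model of the Undercover challenge/response (assumptions, not the prototype's exact encoding).
KEYS = ["red", "green", "blue", "yellow", "white"]   # five colour-coded keys; colours are assumed
N = len(KEYS)
# Hidden half of the challenge: the trackball's motion picks one of N key layouts.
# Modelled here as a cyclic shift of the key assignment (an assumption for illustration).
TRACKBALL_MOTIONS = ["still", "up", "down", "left", "right"]  # index = shift value


def layout(shift):
    """Key assigned to each screen position under hidden shift `shift`.

    Screen position p (0..N-1) is answered with KEYS[(p + shift) % N].
    """
    return [KEYS[(p + shift) % N] for p in range(N)]


def new_challenge():
    """Terminal side: pick the hidden shift uniformly at random for this round."""
    return secrets.randbelow(N)


def user_response(answer_pos, shift):
    """User side: feel the trackball, look up the layout, press the key for their image."""
    return layout(shift)[answer_pos]


def verify(answer_pos, shift, pressed):
    """Terminal side: the terminal knows both halves of the challenge and checks the key."""
    return user_response(answer_pos, shift) == pressed


def consistent_answers(observed_key, possible_shifts):
    """Observer's inference: which screen positions could have produced `observed_key`,
    given the set of hidden shifts the observer considers possible."""
    return sorted({p for s in possible_shifts for p in range(N) if layout(s)[p] == observed_key})


def observation_attack(answer_pos, shift, known_shifts=None):
    """One observed round. `known_shifts` models what the observer learned about the
    trackball (None = nothing, i.e. any shift is possible). Returns the candidate set
    of user-image positions the observer is left with."""
    pressed = user_response(answer_pos, shift)
    possible = range(N) if known_shifts is None else known_shifts
    return consistent_answers(pressed, possible)


def plain_pin_observation(pressed_digit):
    """Contrast: with ordinary PIN entry the response is the secret itself,
    so seeing the key press leaves exactly one candidate."""
    return [pressed_digit]


if __name__ == "__main__":
    user_image_pos = 3           # constructed: the user's photo is at screen position 3
    shift = new_challenge()
    pressed = user_response(user_image_pos, shift)
    print("hidden trackball motion:", TRACKBALL_MOTIONS[shift], "-> user presses", pressed)
    print("terminal accepts:", verify(user_image_pos, shift, pressed))
    print("observer with no trackball knowledge:", observation_attack(user_image_pos, shift))
    # e.g. the observer could only tell that the ball moved sideways (left/right)
    print("observer who learned 'sideways':", observation_attack(user_image_pos, shift, [3, 4]))
    print("observer who saw the full motion:", observation_attack(user_image_pos, shift, [shift]))
```

With no knowledge of the hidden shift every position is consistent with the pressed key, so a recording of the keypad alone teaches the observer nothing; each bit of trackball state that leaks (sideways versus vertical, still versus moving) halves or more the candidate set, which is exactly why the study's few successful attacks came from users who inadvertently exposed the trackball.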
The researchers carried out tests on 38 users, using both a standard PIN system and Undercover, where cameras recorded the users' movements. This allowed the researchers to discover all 38 PINs, even those of the more security-conscious users who covered one hand with the other.
The observation attack succeeded against the Undercover system in only a few cases, for instance when users involuntarily revealed the motion of the trackball.
On the other hand, Undercover's style of authentication is undoubtedly more cumbersome to use - authentication took 25 seconds at a minimum, compared to a median time of 3.2 seconds for PIN entry.
Comments (2)
SecureID - changing pin for a changing world
By Bitflipper on February 11, 2008, 9:28 am
SecureID has had a card with a 4 to 6 digit pin that changes every minute. Why not just use that technology in cards you wish to protect? Maybe change the delta-T...
RE: 'Undercover' looks to replace PINs
By Amarao on February 8, 2008, 1:23 pm
This all seems like a fairly complicated solution to a simple problem. Why not just a scramble pad? People still keep an easy to remember PIN, authentication won't...