My phone is my keypad

摘要

More and more services are available on public terminals. Due to their public location and permanent availability, they can easily fall victim to manipulation. These manipulations mostly aim at stealing the customers' authentication information (e.g. bank card PIN) to gain access to the victims' possessions. By relocating the input from the terminal to the users' mobile device, the system presented in this paper makes the authentication process resistant against such manipulations. In principle, this relocation makes PIN entry more complex, with a tendency to worse usability. In this paper, we present the concept as well as an evaluation that has been conducted to study the trade off between usability and security. The results show that users apparently are willing to accept a certain increase of interaction time in exchange for improved security.