Most visual code authentication schemes in the literature have been shown to be vulnerable to relay attacks: the attacker logs into the victim's "account A" using credentials that the victim provides with the intent of logging into "account B". Visual codes are not human-readable and therefore the victim cannot distinguish between the codes for A and B; on the other hand, codes must be machine-readable in order to automate the login process. We introduce a new type of visual code, the SAVVIcode, that contains an integrity-validated human-readable bitmap. With SAVVIcode, attackers have a harder time swapping visual codes surreptitiously because the integrity check prevents them from modifying or hiding the human-readable distinguisher.