t’s time for the world to move away from text-based passwords and cell phone verification and start embracing more secure image-based solutions, say computer scientists at the University of Surrey.
In a new study, British researchers demonstrated an image-based authentication system called Tim (Transparent image moving) for cell phones to reduce the risk of “shoulder surfing” attacks.
Tim requires users to select and move predefined images to a designated location to pass authentication checks, similar to those required for online shopping. The demonstration study found that 85 percent of users believe it can help prevent password guessing and shoulder surfing attacks.”
The study also found that 71 percent of participants believe Tim is a more usable image-based solution than others on the market. For Rizwan Asghar, co-author of the paper for the University of Surrey, “We spend most of our lives on our cell phones and depend on them for activities such as banking, shopping and staying in touch with our loved ones.
However, “it is surprising how little has been done in terms of innovation and progress to protect these activities and our most private information. We believe that image-based and interactive authentication processes like Tim represent a step in the right direction.”
“Shoulder surfing” is an attack in which someone records sensitive information, such as passwords or credit card numbers, entered by a victim on a computer or mobile device screen by looking over the shoulder or from a distance. Shoulder surfing attacks often occur in crowded public places such as airports, cafes, or public transportation.