A PROPOSAL AND IMPLEMENTATION OF THE SHOULDER-SURFING ATTACK RESISTANT AUTHENTICATION METHOD USING TWO SHIFT FUNCTIONS

Recently, mobile terminals such as smartphones have come to be widely used. Most of such mobile terminals store several types of important data, such as personal information. Therefore, it is necessary to lock and unlock terminals using a personal authentication method such as personal identification numbers (PIN) in order to prevent data theft. However, most existing authentication methods have a common problem referred to as “shoulder-surfing,” which means inferring authentication information by watching the authentication sequence. In the present paper, a new icon-based authentication method is proposed that is simple but sufficiently secure even when the authentication sequence is being watched. The proposed method is implemented on a mobile data terminal and is evaluated through a series of experiments and questionnaire surveys.