Journal of Industrial Convergence (산업융합연구)

DAEHAN Society of Industrial Management (대한산업경영학회)
권호 표지
DOI QR코드

DOI QR Code

An Adaptive matrix-based Secure Keypad designed for Rollable and Bendable Display Environments

롤러블 및 벤더블 디스플레이 환경에 적합한 가변행렬 기반 보안 키패드

  • 최동민 (조선대학교 자유전공학부)
  • Received : 2024.01.18
  • Accepted : 2024.02.20
  • Published : 2024.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

Conventional methods like PIN used in conventional smartphone form factor have not considered the variation in display structure or screen size. As a result, when applied to recent variable display-based smartphones, the secret information input unit may get reduced or enlarged, leading to vulnerabilities for social engineering attacks due to deformation of the display area. This study proposes a secure keypad that responds to changes in display size in rollable and bendable smart phones. Firstly, the security problems that may arise when applying classical authentication methods to new form factors were analyzed, and corresponding security requirements were derived. The proposed security keypad addresses the key input error problem that can occur when the screen size is small. The arrangement and size of keys can be deformed with the spacing suitable for input depending on the display size of rollable and bendable smartphones. The study also considered the problem of leaking input information for social engineering attacks by irregularly distributing key input coordinates. The proposed method provides better user experience and security than existing methods and can be used in smartphones of various sizes and shapes.

기존 스마트폰에서 사용된 PIN과 같은 인증기법은 디스플레이 구조의 변형 또는 화면 크기의 가변성에 대한 고려가 이루어지지 않아 최근의 가변 디스플레이 기반 스마트폰에 적용될 경우 비밀정보 입력부의 축소나 확대로 발생 가능한 취약점과 같은 디스플레이 면적의 변형에 따른 사회공학 공격에 대한 취약점이 있다. 본 연구는 롤러블 및 벤더블 스마트폰과 같이 디스플레이 크기 변화에 대응하는 보안 키패드를 제안한다. 이를 위해 우선 각 기존 인증기법에서 새로운 폼팩터에 적용될 경우 발생할 수 있는 보안 문제를 분석하였으며 이에 대응하는 보안 요구사항을 도출하였다. 제안하는 보안 키패드는 롤러블 및 벤더블 스마트폰의 디스플레이 크기에 따라 입력에 적합한 간격과 크기로 키의 배열 및 배치가 변형 가능하므로 화면 크기가 작을 때 발생할 수 있는 키 입력 오류 문제를 고려하였다. 또한, 키 입력 좌표를 불규칙적으로 분산하여 사회공학 공격에 대한 입력 정보 유출 문제도 고려하였다. 제안 기법은 다양한 크기와 형태의 스마트폰에서 사용할 수 있어 기존 기법보다 더 나은 사용자 경험과 보안성을 제공한다.

Keywords

Acknowledgement

This study was supported by research fund from Chosun University, 2021.

References

  1. J. Kim. (2020). Tech trend, Endlessly evolving mobile device form factor evolution! Samsung Display News room Tech Trend(Online). https://news.samsungdisplay.com
  2. J. E. Park. (2019). First release of 5G foldable smartphone... Signal of change in form factor. etnews(Online). https://www.etnews.com
  3. M. S. Kim. (2022). What will the 'Rollable Phone', which will follow Samsung Electronics' foldable, look like. Bizwatch(Online). https://news.bizwatch.co.kr/
  4. I. J. Choi. (2020). Now, a 'rollable phone' that rolls and unfolds is coming. Chosun Media (Online). https://www.chosun.com
  5. C. Wang, Y. Wang, Y. Chen, H. Liu & J. Liu. (2020). User authentication on mobile devices: Approaches, threats and trends. Computer Networks, 120(7), 107118. DOI : 10.1016/j.comnet.2020.107118
  6. E. Miluzzo, A. Varshavsky, S. Balakrishnan & R.R. Choudhury. (2012, June). TapPrints: Your Finger Taps Have Fingerprints. Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services. (pp. 323-336). Low Wood Bay : ACM. DOI : 10.1145/2307636.2307666
  7. T. Takada.(2008, October). Fake Pointer: An Authentication Scheme for Improving Security against Peeping Attacks using Video Cameras. Proceeding of International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies. (pp. 395-400). Valencia : IARIA. DOI : 10.1109/UBICOMM.2008.76
  8. A.J. Aviv, K. Gibson, E. Mossop, M. Blaze & J.M. Smith. (2010, August). Smudge Attacks on Smartphone Touch Screens. Proceeding of the 4th USENIX Conference on Offensive Technologies. (pp. 1-7). Washington : ACM.
  9. Y. Abdelrahman, M. Khamis, S. Schneegass & F. Alt. (2017, May). Stay Cool! Understanding Thermal Attacks on Mobile-based User Authentication. Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. (pp. 3751-3763). Denver : ACM. DOI : 10.1145/3025453.3025461
  10. J. Kagan. (2023). Personal Identification Number (PIN): What It Is, How It's Used. Investopedia (Online). https://www.investopedia.com
  11. M. Shahzad, A.X. Liu & A. Samuel. (2013, September). Secure Unlocking of Mobile Touch Screen Devices by Simple Gestures: You Can See It But You Can Not Do It. Proceeding of the 19th Annual International Conference on Mobile Computing & Networking. (pp. 39-50). Miami : ACM. DOI : 10.1145/2500423.2500434
  12. D. B. Faustino, S. Nabil & Audrey Girouard. (2020, May). Bend or PIN: Studying Bend Password Authentication with People with Vision Impairment. Proceedings of Graphics Interface 2020. (pp. 183-191). Toronto : ACM. DOI : 10.20380/GI2020.19
  13. D. Choi. (2022). Design of Smartphone Secure Keypad Using Indirect Pattern. Journal of Korea Multimedia Society, 25(7), 932-944. DOI : 10.9717/kmms.2022.25.7.932
  14. D. Choi. (2021). A Study on User Authentication Method for Foldable Screen-Based Devices. Journal of Korea Multimedia Society, 24(3), 440-447. DOI : 10.9717/kmms.2020.24.3.44
  15. H. Mun. (2022). Design for Position Protection Secure Keypads based on Double-Touch using Grouping in the Fintech. Journal of Convergence for Information Technology, 12(3), 38-45. DOI : 10.22156/CS4SMB.2022.12.03.038