Now You See Me, Now You Don't: Protecting Smartphone Authentication from Shoulder Surfers
Authors: Alexander De Luca, Marian Harbach, Emanuel von Zezschwitz, Max-Emanuel Maurer, Bernhard Ewald Slawik, Heinrich Hussmann

Date: April 2014
Publication: Proceedings of the 2014 SIGCHI Conference on Human Factors in Computing Systems, CHI '14
Page(s): 2937 - 2946
Publisher: ACM
Source 1:
Source 2:
Source 3: - Subscription or payment required

Abstract or Summary:
In this paper, we present XSide, an authentication mechanism that uses the front and the back of smartphones to enter stroke-based passwords. Users can switch sides during input to minimize the risk of shoulder surfing. We performed a user study (n = 32) to explore how switching sides during authentication affects usability and security of the system. The results indicate that switching the sides increases security while authentication speed stays relatively fast (less than 4 seconds). The paper furthermore provides insights on accuracy of eyes-free input (as used in XSide) and shows how 3D printed prototype cases can improve the back-of-device interaction experience. Note: Additional unlisted author is Matthew Smith

Do you have additional information to contribute regarding this research paper? If so, please email with the details.

<-- Back to Authentication Research Paper Index

[Home] [About Us] [News] [Research]

Copyright © 2019