Tetris security keypads design with higher security using alignment and padding

Background/Objectives: With the development of ICT, there has been a rapid increase of demand on convenient services for users to make financial transactions on smartphone. User authentication is made by inputting password on smartphone.Methods/Statistical analysis: Banks or fintech service providers receive password using a security keypads, but attackers take a peep at passwords by various ways such as Google Glass or shoulder surfing attack. Because the locations of keypads are almost fixed and the size of keypads is almost the same, they are vulnerable to attacks using the touched location or shoulder surfing attacks.Findings: To protect security and safety from various attacks such as the stealing of touched location using Google Glass, shoulder surfing attack, or malware, this study proposes to diversify the size of keypads, connect the keys as a Tetris game but randomly align them to left or right, and add paddings in-between the keypads so that it is difficult to infer a password by the information of touched location.Improvements/Applications: Since a different letter is entered even if the same key is touched, it will be difficult for the attacker to infer the password through this proposed technique. It will be possible to block the attacker from peeping at a user’s touched location information or the shoulder surfing attack.