GB2444285A - Keypad with random key layout - Google Patents
Keypad with random key layout Download PDFInfo
- Publication number
- GB2444285A GB2444285A GB0623944A GB0623944A GB2444285A GB 2444285 A GB2444285 A GB 2444285A GB 0623944 A GB0623944 A GB 0623944A GB 0623944 A GB0623944 A GB 0623944A GB 2444285 A GB2444285 A GB 2444285A
- Authority
- GB
- United Kingdom
- Prior art keywords
- keypad
- key
- legends
- keys
- legend
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/01—Input arrangements or combined input and output arrangements for interaction between user and computer
- G06F3/02—Input arrangements using manually operated switches, e.g. using keyboards or dials
- G06F3/023—Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard generated codes as alphanumeric codes, operand codes or instruction codes
- G06F3/0238—Programmable keyboards
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Human Computer Interaction (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Input From Keyboards Or The Like (AREA)
Abstract
A keypad allows the physical arrangement of the keys to be rearranged by altering the legends on the keypad. This may be done either at the beginning of data entry or after every data item input. A film may be placed over the keys to restrict the angle at which the legends on the keys may be seen. The keypad may have push buttons with a display embedded in the button. The display may be an LCD. Alternatively, the keypad may be a touch screen. The keypad may also use coloured lights or other displays to provide information. The keypad may incorporate a microcontroller to control the display of the key legends or to decode key presses.
Description
Random Generated PIN Kcypad
Description
Numeric keypads and Personal Identification (PIN) numbers are commonly used in the security industry to authenticate the identity of the user. These find many applications in security devices, and are commonly used in transactions as a "secure" form of verifying a users identity and credentials.
With the explosion of electronic based forms of commerce, PIN numbers are used more extensively than ever.
In a typical transaction, the user is required to provide a non-confidential user identifier or token -for example a credit card, and a confidential PIN to gain access to a system. The system compares the confidential PIN with the record stored for that identifier to authenticate the users identity.
A numeric keypad consists of an array of keys in a fixed order which allows numbers to be entered into a system. A numeric keypad commonly consists of the numbers 0-9 in a static array, and usually there are additional option keys such as "Enter" and "Clear" which are used to aid the data entry process.
Users are familiar with the arrangement of a 12-key numeric keypad. The numbers are arranged in a logical order in rows of three: 2 3 4 5 6 7 8 9 Enter 0 Clear Unfortunately, user familiarity with the layout of this keypad compromises its security if the user is under surveillance whilst entering a PIN number.
Even if a user tries to "shield" their PIN number from being seen, the fixed position of the keys means that an observer can judge the number being entered from positional data -seeing where the users finger is moving. It is therefore possible to deduce a PIN from the users approximate finger position, without being able to see the key legends clearly.
PINs are often 4-digit numbers in the range 0000-9999 resulting in 10,000 possible numbers, so that an attacker would need to guess an average of 5000 times to get the correct PIN. Many PIN verification systems allow three attempts, thereby giving a card thief a 1/3000 chance to guess the correct PIN before the PIN is blocked.
If the user has some prior knowledge of the user's finger movements, then this probability can be compromised significantly.
This invention consists of a dynamic keypad, where the legends of the keys are not static and fixed, but change places. This can occur after each and every key entry, or at the beginning of the data entry sequence.
The keypad can either be physical -implemented using individual buttons, or virtual, using a touch-screen type display input device.
By moving the key legends about using a random algorithm, it is possible to create higher security, as the users finger movements give little clue to the number being entered if some or all of the key's are obscured. At the moment, if a user presses the top left key of a numeric keypad, the probability of it being a I is I/I. However, if the keys are randomised, then the probability of that finger movement indicating a I is only I in 12, 0.083 on each key entry occasion. Clearly security is improved if key legends denoting the position of a number cannot be seen, and even if some of the key legends can be seen, the remaining obscured legends provide some level of security.
Additionally, the legends could be shielded from unwanted overlookers by means of an optical film applied over the device which gives a restricted angle of view.
A specific implementation of this device is as follows: A "Screen Key", is a momentary push-switch, with a programmable LCD display in place of a fixed legend. The display can be programmed to display any number, legend or character on a matrix of pixels. A keypad composed of "Screen Keys" is a keypad whereby an array of "Screen Keys" are linked together, with each having a separate progranmiable LCD legend. Additionally, an option available on a "Screen Key" is to have a backlight provided by means of Tn-Coloured Light Emitting Diode. The proportions of Red, Green and Blue can be adjusted to convey colour information to the user, providing additional information about the key's function.
A random number generator pad could comprise an array of 4x3 screen keys controlled by a microcontroller. The microcontroller receives key-press information from each key. The microcontroller can also write data to the LCD screens atop of the key. The microcontroller interfaces to the application device, for example, an ATM machine. This interface could take the form of a digital bus connection to the microcontroller, or to retrofit existing applications, the microcontroller could connect to the application using the interface of the static keypad it is replacing.
The software function of the microcontroller is as follows.
I. Create a lookup table of 12 key positions.
2. Randomly assign each of the "key legend values" to one of the positions in the
lookup table.
3. Associate each physical key, with a corresponding position in the lookup tables.
4. Write the data corresponding to the "key legend values" to the LCD screen of each key, in accordance with the data in the lookup table.
5. Scan the keypad for user entry.
6. One user entry has been detected, lookup the position indicated by the physical key press in the lookup table and obtain a value for the corresponding "key legend value".
7. Output this key legend value to the application device.
The legends on the key could also be shielded from unwanted onlookers by means of an optical film over each key which gives a restricted angle of view.
Claims (6)
- Claims I. The device comprises a keypad, where the physical arrangementof the key functions is rearranged by altering the legends on each key of the keypad electronically either: I) at the beginning of data entry ii) after every individual data item input
- 2. The device may also incorporate a film over each key which only allows the dynamically changeable Legend to be viewed from a narrow field of view.
- 3. The device may achieve this function through the use of pushbuttons with display screens embedded within the device, allowing the key legend to be dynamically altered.
- 4. The device may also incorporate coloured lighting and or displays to provide additional information to the user.
- 5. The device may also encompass an interface which allows the "new keypad" to be retrofitted to older systems.
- 6. The device may contain an embedded microcontroller which provides interface functions to a system.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0623944A GB2444285A (en) | 2006-11-30 | 2006-11-30 | Keypad with random key layout |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0623944A GB2444285A (en) | 2006-11-30 | 2006-11-30 | Keypad with random key layout |
Publications (2)
Publication Number | Publication Date |
---|---|
GB0623944D0 GB0623944D0 (en) | 2007-01-10 |
GB2444285A true GB2444285A (en) | 2008-06-04 |
Family
ID=37671617
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
GB0623944A Withdrawn GB2444285A (en) | 2006-11-30 | 2006-11-30 | Keypad with random key layout |
Country Status (1)
Country | Link |
---|---|
GB (1) | GB2444285A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2504066A (en) * | 2012-07-10 | 2014-01-22 | Mopowered Ltd | Location of symbols on display of input device modified according to user selection |
US10409406B2 (en) | 2017-03-03 | 2019-09-10 | Verifone, Inc. | Systems and methods for increased security in authentication code entry for touch-sensitive screen enabled devices |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1993011551A1 (en) * | 1991-12-06 | 1993-06-10 | Maurras Jean Francois | Rendum reset keypad |
FR2693815A1 (en) * | 1992-07-15 | 1994-01-21 | Gemplus Card Int | Security process for data entry keypad with touchscreen - uses keys with associated character changed randomly and visible only to user |
CA2214190A1 (en) * | 1997-10-15 | 1999-04-15 | Michael Ernest Blom | Improved security data entry alphanumeric keypad |
US6434702B1 (en) * | 1998-12-08 | 2002-08-13 | International Business Machines Corporation | Automatic rotation of digit location in devices used in passwords |
EP1280113A2 (en) * | 2001-07-24 | 2003-01-29 | Robert Bosch Gmbh | Code input apparatus |
US6549194B1 (en) * | 1999-10-01 | 2003-04-15 | Hewlett-Packard Development Company, L.P. | Method for secure pin entry on touch screen display |
GB2402649A (en) * | 2003-06-11 | 2004-12-15 | Mathew Jonathan Dawson | Personal identification code entry device |
-
2006
- 2006-11-30 GB GB0623944A patent/GB2444285A/en not_active Withdrawn
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1993011551A1 (en) * | 1991-12-06 | 1993-06-10 | Maurras Jean Francois | Rendum reset keypad |
FR2693815A1 (en) * | 1992-07-15 | 1994-01-21 | Gemplus Card Int | Security process for data entry keypad with touchscreen - uses keys with associated character changed randomly and visible only to user |
CA2214190A1 (en) * | 1997-10-15 | 1999-04-15 | Michael Ernest Blom | Improved security data entry alphanumeric keypad |
US6434702B1 (en) * | 1998-12-08 | 2002-08-13 | International Business Machines Corporation | Automatic rotation of digit location in devices used in passwords |
US6549194B1 (en) * | 1999-10-01 | 2003-04-15 | Hewlett-Packard Development Company, L.P. | Method for secure pin entry on touch screen display |
EP1280113A2 (en) * | 2001-07-24 | 2003-01-29 | Robert Bosch Gmbh | Code input apparatus |
GB2402649A (en) * | 2003-06-11 | 2004-12-15 | Mathew Jonathan Dawson | Personal identification code entry device |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2504066A (en) * | 2012-07-10 | 2014-01-22 | Mopowered Ltd | Location of symbols on display of input device modified according to user selection |
US10409406B2 (en) | 2017-03-03 | 2019-09-10 | Verifone, Inc. | Systems and methods for increased security in authentication code entry for touch-sensitive screen enabled devices |
Also Published As
Publication number | Publication date |
---|---|
GB0623944D0 (en) | 2007-01-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9514316B2 (en) | Optical security enhancement device | |
US20090037986A1 (en) | Non-disclosing password entry method | |
US20120120013A1 (en) | Method for encoded input and control by fingerprint | |
US20120082306A1 (en) | Data Encryption and Input System | |
US20060098841A1 (en) | Method and system for enabling remote message composition | |
JP2006243938A (en) | Password input device | |
CN108027855A (en) | Multi-user's strong authentication token | |
KR100880862B1 (en) | Security method for user input data to electronic device | |
KR101228809B1 (en) | Method and device for inputting password and recording medium for the same | |
US20140325677A1 (en) | Optical security enhancement device | |
GB2444285A (en) | Keypad with random key layout | |
WO2012009334A1 (en) | Personal secure terminal with virtual keypad | |
CN201063155Y (en) | Cipher input device against peep | |
US20210192091A1 (en) | Secure input mode of keyboards | |
JP6684933B1 (en) | Key input system, electronic device, software keyboard control method | |
WO2010134808A1 (en) | Method of securing entry of an alphanumeric code on a computer system, interaction and dedicated driver entity therefor. | |
Kasat et al. | Study and analysis of shoulder-surfing methods | |
JP4532476B2 (en) | Secure card terminal | |
JP2001350590A (en) | Input device | |
EP2992476A1 (en) | Optical security enhancement device | |
Masuzawa et al. | Development of keypads which use colors or shapes to prevent shoulder surfing | |
JP4716201B2 (en) | Input device | |
KR20140087595A (en) | Device and method for inputting secure pin | |
CN220121285U (en) | Safety password input equipment, password lock, POS machine, ATM and medical insurance card swiping equipment | |
RU172845U1 (en) | Code panel |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) |