
Systematic Literature Review On Pin-Entry Methods Resistant To Capture Attacks

NAME (12 MEMBERS) MATRIC NO

THINARAJ A/L A MUTTIAH U2005319

RAJA ZAREEF FIRDAUS BIN RAJA AZMAN NAHAR 17207394

AHMAD AFFIFUDDIN BIN AHMAD KHAIRUDDIN 17207223

RAAIM SAUDULLA 17215647

CHONG ZI JING U2005258

TAN JIAN MING U2005352

TEE WEI LUN U2005404

LOW JUN JIE U2005399

CHOW SHANG SHYAN U2005283

LIEW RUI ZHI U2005270

NAFIM BASHAR S2114604

ARHAM HOSSAIN CHOWDHURY S2121048


Abstract

A Personal Identification Number (PIN) is subject to capture attacks, in which the PIN is stolen
during entry. A stolen PIN grants attackers access to the user's information and jeopardises their
security. This systematic literature review studies several PIN-entry methods to identify the
techniques used to reduce the chance of capture attacks, together with their effectiveness and
implications. The PRISMA guideline was followed in conducting this review. We found that
PIN-entry methods have evolved significantly, from the simple input of a few digits to
hardware-based methods, such as entering the PIN through audio signals, and software-based
methods, such as graphical PIN-entry systems that use a unique interface design. We found that
these methods build another layer of complexity into PIN entry that makes it harder for attackers
to intercept the PIN through observation, while also making entry more cognitively burdensome for
users. This review also found that hybrid PIN-entry methods, combining hardware and software
techniques rather than relying on either alone, would be the best approach for developing new
PIN-entry methods, as they allow a more balanced trade-off between security and usability. This
review concludes that hybrid methods should be further explored and integrated into existing
systems, as they enhance security without hampering the user's experience, which matters all the
more as new cybersecurity threats continue to emerge.

Keywords
PIN-Entry Methods, Capture Attacks, Shoulder Surfing, Keylogging, Information Theft

Introduction

A Personal Identification Number (PIN) is used as a security authentication method for various
sensitive applications to safeguard critical information and ensure correct authentication. It
consists of a fixed-length combination of 4 or 6 digits, which makes it suitable for environments
where a full keyboard is not feasible (Wang et al., 2017). Traditionally, PINs have been created
and used to authenticate banking activities and card transactions (Bonneau et al., 2012). Recent
technological advances have also allowed the PIN to be adopted as an authentication method for
devices such as smartphones (Markert et al., 2020).

In a study conducted in 2012, 88.1% of respondents said that they regularly use PINs with their
payment cards (Bonneau et al., 2012). This shows that the majority of people rely on PINs for
security authentication, on payment cards as well as on mobile phones, because it is the easiest
authentication method. However, being the easiest method has also made it prone to attacks that
jeopardise its security, leaving room for potential risks and harm to the user. One of the attacks
associated with PINs is the capture attack.

A PIN can be subject to capture attacks. A capture attack is a type of cybersecurity threat in
which an unauthorised entity successfully intercepts and collects sensitive information, typically
during its transmission or entry. Shoulder surfing is one form of capture attack. In a shoulder
surfing attack, the attacker positions themselves close to the victim and discreetly observes the
user's authentication procedure in order to learn and remember the PIN (Srinivasan, 2018). It
usually happens in crowded public spaces where victims do not realise they are exposing their
sensitive information. Keylogging is another example of a capture attack: the keyboard entries
are extracted from the system and sent to the miscreants. Attacks using keylogging are only
possible when PINs or passwords are input using mechanical keyboards (Srinivasan, 2018).

Capture attacks have several consequences for the victims. One of the common consequences is a
privacy breach, in which sensitive information such as PINs or passwords is exposed (Bošnjak &
Brumen, 2020). Such a breach may lead to stalking, targeted attacks and further invasions of the
victims' privacy. The victims would not feel safe and would constantly feel threatened, knowing
that others are aware of their current situation, such as their location and activities. This also
affects the victims' emotional and psychological well-being, as constantly feeling unsafe leads to
a decline in mental health that impairs their ability to function daily.

Moreover, another result of capture attacks is identity theft. The attackers can gain unauthorised
access to users' personal information, such as names, financial status and addresses. The victim's
identity might then be assumed, which can lead to fraudulent accounts being opened, financial
fraud or involvement in other malicious activities. In the long run, identity theft causes financial
losses and damages the victim's credit history, while also putting the victim at risk of being
apprehended by the authorities for crimes committed in their name by the actual criminals.

Capture attacks are troublesome because they can easily be carried out by anyone, yet the
consequences for the victims are dire. Therefore, to prevent capture attacks and enhance security,
it is vital to introduce PIN-entry methods that are resistant to various capture techniques. A
Personal Identification Number (PIN) is used as a security authentication method for various
sensitive applications to safeguard critical information and ensure correct authentication.
PIN-entry methods comprise the various techniques intended to protect the confidentiality of the
entered code, mitigating the risk of capture attacks.

Various methods have been designed to create a PIN-entry method that is resistant to capture
attacks. One of them is the Phone Lock proposed by Bianchi et al. This method uses a set of audio
notes or tactile cues as the PIN alphabet, replacing the 10 digits 0 to 9 as the PIN input (Bianchi
et al., 2010). Users may create a PIN of any length they wish from a combination of these audio or
tactile inputs. As it does not involve ordinary digits that can be directly observed, this method is
resistant to observation-based capture attacks, while the larger number of possible combinations
also makes the PIN harder to break.

Despite the various PIN-entry methods that have been developed, they have yet to be implemented
widely, as most PIN security setups still rely on the traditional 10-digit method. The risk of a
PIN being broken today is higher because of the limited number of possible combinations and the
large number of people using PINs. Therefore, an enhanced approach to PIN entry should be
adopted to preserve the convenience of the user while enhancing the security of users' data and
profiles. This systematic literature review is conducted to review and analyse the evolution of
PIN-entry methods that have been implemented to prevent capture attacks. The review will also
examine the effectiveness and implications of these techniques in preventing or reducing capture
attacks. The goal of this review is to provide a detailed analysis of these PIN-entry methods in
terms of their ability to prevent capture attacks and their security. This in turn could provide an
understanding of the best PIN-entry methods that could be commercialised and used in various
settings.

Method

The literature review process used in this paper is depicted in Figure 1. We conducted this
systematic literature review on PIN-entry methods & capture attacks according to the Preferred
Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines to guarantee
a thorough and transparent analysis of the material. According to Page et al. (2021), the PRISMA
methodology is a well-known and approved method for carrying out systematic literature
reviews (SLRs). It offers a clear and consistent methodology for searching the literature, vetting
and choosing relevant papers, and compiling the results. A detailed reporting checklist is a
further benefit of the PRISMA approach that can help guarantee that the review is presented in
an understandable and transparent way. The PRISMA methodology was deemed suitable for an
SLR that concentrated on the resistance of PIN-entry methods towards capture attacks, since it
guarantees an exhaustive and methodical search of the literature together with a strict screening
and selection process for relevant papers.

Figure 1: The Literature Review Process

The literature review methodology was carried out in the following steps: identification of
information sources, definition of the research questions and objectives, development of the
search strategy, application of inclusion and exclusion criteria to screen and select relevant
papers, and finally extraction and analysis of the data to identify research gaps and present the
results and discussion of this systematic literature review.

2.1 Identifying Information Databases

Numerous databases, including ScienceDirect, ProQuest Dissertations & Theses Global, Scopus,
ACM Digital Library, SpringerLink, Web of Science, ResearchGate, Academic Search Elite
@EBSCOhost, IEEE Xplore, Emerald, Education Research Complete @EBSCOhost and
IOPScience, were used in an extensive search. These databases were scoured for relevant journal
articles and conference papers.

2.2 Defining Research Question & Objective

The objectives & research questions for this systematic review are as follows:

Research Objective 1: To systematically review and analyse existing methods and techniques
employed in PIN-entry to mitigate capture attacks.
Research Question 1: What are the key methods and techniques used in PIN-entry to mitigate
capture attacks, and how have they evolved over time?

Research Objective 2: To assess the effectiveness and security implications of these methods in
preventing or minimising capture attacks.
Research Question 2: How effective are the different methods and techniques in preventing
capture attacks, and what are the security implications associated with their implementation?

5
2.3 Developing Search Strategy

The search strategy for this systematic literature review aims to gather comprehensive
information on PIN-entry security, capture attacks, and their related aspects in electronic
payment systems. By utilising specific keywords and their combinations, relevant articles will be
identified. The following search queries will be used:

(1) "PIN-entry security" OR "PIN entry protection" OR "Personal Identification Number security"
(2) "Capture attacks" OR "PIN skimming" OR "PIN theft" OR "PIN compromise"
(3) "Electronic payment systems" OR "Point-of-sale (POS) devices" OR "ATMs" OR "Payment terminals"
(4) "Security measures" OR "Countermeasures" OR "Protection methods" OR "Prevention techniques"

Combining these keywords using "AND" operators will allow for targeted searches:

(1) AND (2): identifies articles focusing specifically on PIN-entry security and capture attacks.
(1) AND (3): narrows down articles discussing PIN-entry security in the context of electronic
payment systems or POS devices.
(1) AND (4): identifies articles discussing security measures or countermeasures in PIN-entry
systems.

2.4 Applying Inclusion/Exclusion Criteria

The criteria that we incorporated in our search are as follows:

Inclusion criteria:
- Publication date: 2010-2024
- Relevance: focus on PEM security
- Language: English
- Full text availability
- Research methodology: diverse

Exclusion criteria:
- Publication date: pre-2010
- Irrelevant focus: non-security aspects
- Language: non-English
- Non-peer reviewed
- Partial accessibility

2.5 Selecting Relevant Papers

The study selection process consisted of four phases, which were carefully conducted and
evaluated by a team of twelve researchers. Six authors conducted the full-text screening, while
the other six assessed the selected studies for potential bias. In the identification phase, 174
studies were initially identified after we applied the search terms to the title, abstract, and
keyword filters; Section 2.3 describes the configuration of the search query in the selected
databases. The data retrieved from these databases was imported into a Google Sheets spreadsheet
and organised by relevance for the next phase. The screening phase encompassed two steps,
identifying duplicate studies and manually screening titles and abstracts for relevance: 103
studies were discarded due to duplication, and a further 28 were removed after the title and
abstract review. In the eligibility phase, a thorough full-text review against the inclusion and
exclusion criteria was performed on the 43 studies shortlisted for detailed examination. After this
comprehensive full-text review, a total of 16 studies remained.

2.6 Extracting Data

A key component of this study is the development of a data extraction methodology. It helps to
elucidate the study topics, highlight important discoveries, and identify recurrent themes and
trends in the selected studies. Relevant data from the selected studies, such as the research
methods used, the types of PIN-entry methods examined, the various instances of capture attacks
exploited and the specific security issues addressed, were extracted. The data items that this
study aims to collect from the selected papers are displayed as following:

Data item | Data description | Analysis type
Bibliographic information | Research title, year of publication, author name, and other relevant information were extracted from publishers' websites and academic databases | Descriptive analysis
Types of PIN-entry methods examined | The data was obtained from the literature | Descriptive analysis
Various instances of capture attacks exploited | The data was obtained from the literature | Content analysis and narrative synthesis
Specific security issues addressed | The data was obtained from the literature | Content analysis and narrative synthesis

2.7 Synthesising and Analysing the Data

The extracted data was then analysed to determine whether the literature contains recurring
themes, patterns, and gaps using tables and charts. The selected papers' results were thoroughly
summarised using a combination of descriptive & content analysis and narrative synthesis
techniques. We identified and covered key themes, strengths, weaknesses, security
considerations, and usability aspects related to Pin-Entry Methods (PEMs) resistant to capture
attacks in this synthesis. Throughout this process, we carefully reviewed variations and
inconsistencies in the findings and dug deep into potential explanations to provide a
comprehensive understanding of the current PEM landscape.
This study includes a number of analytical techniques, such as content analysis and descriptive
analysis; however, it is important to note that statistical methods such as meta-regression and
measures of effect were not included in the study. The justification for this decision stems from
the main objective of our study, which is to provide a current, detailed analysis of these PIN-entry
methods in terms of their ability to prevent capture attacks and their security.

2.8 Identifying Research Gaps & Contributions

The primary goal of this review is to identify alternative strategies that future researchers can
employ to effectively counter PIN capture attacks while addressing other potential security
vulnerabilities. The study's findings provide a comprehensive understanding of the current state
of research on the resistance of Pin-Entry Methods (PEMs) to capture attacks. By identifying
gaps and limitations in existing literature, this review aims to offer valuable insights that can
guide future research efforts. These gaps also serve as a foundation for further investigations to
develop stronger and more secure authentication methods to prevent capture attacks.

3. Results

Figure 2 illustrates the PRISMA flow diagram outlining the systematic review conducted for this
paper. The process encompasses four phases—identification, screening, eligibility, and inclusion.
In the initial identification phase, 174 articles were obtained through database searches. These
studies were spread across different databases as follows: 34 in IEEE Xplore, 28 in Science
Direct, 35 in ProQuest, 10 in IOPScience, 38 in ACM Digital Library, 21 in Web of Science, and
8 in Springer Link.

Figure 2. The PRISMA flowchart for the study selection process.

The process began with the identification of studies. Subsequently, 103 duplicate papers were
eliminated. Furthermore, 28 papers were excluded due to their perceived irrelevance or lack of
focus on the PIN-entry method. In the eligibility phase, full-text screening was performed on the
remaining 43 articles, and 27 were excluded for not meeting the inclusion criteria. Finally, the
inclusion stage comprised the remaining 16 studies that satisfied both the inclusion and exclusion
criteria, deemed pertinent to the systematic literature review. The analysis and synthesis of these
sixteen articles provide a comprehensive overview of the existing methods and techniques
employed in PIN-entry to mitigate capture attacks. Additionally, we explored the effectiveness
and security implications of these methods in preventing or minimising capture attacks. The
following section outlines the results of our systematic literature review.

The 16 selected articles come from journals and conferences: 3 are conference papers and the
remaining 13 are journal articles.

Figure 3: Distribution of publication type.

Figure 4 shows the number of articles taken from each database. IEEE Xplore contributed the
largest number, 9 articles, followed by ScienceDirect with 4 articles. Springer, ACM Digital
Library and ProQuest contributed 1 article each.

Figure 4: Distribution of publisher channels

The articles were selected on the criterion that the year of publication should not be earlier than
2010. The largest number of selected articles, 3, were published in 2016. The decision to include
articles published from 2010 onwards in the systematic literature review is grounded in the need to
ensure the relevance and currency of the selected literature. This time frame allows for the
inclusion of recent research and advancements in the field, capturing the latest developments
related to PIN-entry security and capture attacks. By limiting the selection to articles from 2010
onward, the review aims to provide an up-to-date synthesis of the current state of knowledge,
technologies, and methodologies in the domain. Furthermore, the emphasis on articles published
after 2010 aligns with the rapid evolution of technology and security concerns in recent years.
This criterion ensures that the literature review reflects contemporary challenges and solutions,
offering valuable insights for researchers, practitioners, and policymakers. The observation that
the largest number of the selected articles is from 2016 underscores the significance of that year.
The clustering of articles around 2016 suggests a period of heightened scholarly activity or notable
advancements in understanding PIN-entry security and capture attacks. This concentration provides
a focused temporal snapshot, allowing the literature review to capture key trends and developments
during a critical period.

Figure 5: The Distribution of the chosen publications is categorised based on the year of publication

RQ1: What are the key methods and techniques used in PIN-entry to mitigate capture
attacks, and how have they evolved over time?
According to research conducted by Roth et al. in "SteganoPIN Two-Faced Human–Machine
Interface for Practical Enforcement of PIN Entry Security", a significant evolution in mitigating
PIN-entry capture attacks involves the use of indirect key entry measures, integrated into user
interface design. This approach is rooted in the concept of cognitive authentication,
acknowledging the limitations of human memory and perception. Roth et al.'s method, known as
BinaryPIN, exemplifies this by employing a dual-colour scheme for PIN entry, where the PIN
digits are entered indirectly through colour selection, enhancing security against observational
attacks. This innovative approach has been further developed and refined in subsequent studies.
For instance, "Analysis and Improvement of a PIN-Entry Method Resilient to Shoulder-Surfing
and Recording Attacks" presents an improved version of the black-and-white PIN entry scheme,
which effectively resists camera-based recording attacks across multiple authentication sessions
without compromising PIN confidentiality.

Further advancements in this domain are highlighted in "Secure PIN-Entry Method Using
One-Time PIN (OTP)", where an indirect input PIN-entry method using OTP is proposed to
counteract shoulder-surfing, video-recording, and spyware attacks. This method's immunity to
such attacks is attributed to the employment of OTP, as indicated by user study results that
demonstrate acceptable usability levels in terms of PIN-entry time and error rate. Additionally,
"A Graphical PIN Entry System with Shoulder Surfing Resistance" introduces a graphical PIN
entry system that utilizes specialized interface design and an indirect PIN entry method involving
extra information in the form of a reference location, invisible to attackers. This system
represents a significant stride in balancing security and usability in PIN-entry methods.
Moreover, the study "Covert Attentional Shoulder Surfing: Human Adversaries Are More
Powerful Than Expected" discusses various prevention methods in software for textual and
graphical passwords, emphasising indirect key entry as a core strategy to resist shoulder-surfing
and related attacks. However, the challenge remains in designing methods that are secure yet
user-friendly. Article "IllusionPIN: Shoulder-Surfing Resistant Authentication Using Hybrid
Images" discusses a method that uses the technique of hybrid images to blend two keypads with
different digit orderings. In addition, the user's keypad is shuffled in every authentication attempt
to prevent attackers from memorizing the spatial arrangement of pressed digits. The estimated
minimum distance also prevents visual information capture, adding an extra layer of security.
Existing shoulder-surfing resistant methods lack rigorous quantitative security analyses, relying
on experiments with limited human attackers. Addressing this, the paper "Security Notions and
Advanced Method for Human Shoulder-Surfing Resistant PIN-Entry" introduces new theoretical
and experimental techniques for a quantitative security analysis of PIN-entry methods. It
establishes fresh security notions and guidelines, leading to the development of an advanced
PIN-entry method that effectively counters shoulder-surfing attacks by significantly increasing
the short-term memory required for success. This represents an evolution towards more robust
and quantitatively assessed security solutions in PIN-entry systems. Furthermore, the paper
"Timing Attacks on PIN Input Devices" details the use of acoustic feedback in PIN-entry devices
and the vulnerabilities it introduces. It discusses techniques like analyzing inter-key delays and
acoustic emissions from keypads to infer PIN sequences, and how attackers can use these
techniques to narrow down possible PIN combinations.

Another innovative approach is presented in the article "DRAW-A-PIN: Authentication Using
Finger-Drawn PIN on Touch Devices." This method introduces a touch-based authentication
system, leveraging behavioural biometrics and a PIN content analyser to enhance security. Not
only does it prioritise usability through touch-based interactions, but it also adds a layer of
complexity by analysing drawing characteristics. The paper "Secure and user friendly PIN entry
method" proposes a new PIN-entry method to address the issues faced by the previous model. The
new method has two stages, a pass-object setting stage and a PIN-entry stage. The need to
memorise the first object that matches the first digit of a 4-digit PIN, and then to match each
subsequent PIN digit by rotating the object array and aligning the pass-object with the current
PIN digit, increases the complexity and the resilience against human shoulder surfers and
recording attacks. The paper titled "Secure Pin-Based-Authentication Obviating Shoulder
Surfing" presents SPOSS, which provides resilience against both human-based shoulder surfing and
recording attacks, along with security against password file compromise. Significantly, SPOSS
achieves a favourable balance between usability and security parameters by ensuring user
authentication with a single round of entry, marking a progressive shift in PIN-entry design.
Another notable contribution is found in the article "Secure Bimodal PIN-Entry Method Using
Audio Signals," which takes a multisensory approach by combining audio and visual channels to
address guessing and recording attacks. The paper "Authentication using Robust Primary PIN
(Personal Identification Number), Multi Factor Authentication for Credit Card Swipe and Online
Transactions Security" proposes a novel authentication scheme utilising a primary PIN and
multi-factor authentication to enhance the security of credit card transactions. The article
"Two-Thumbs-Up Physical Protection for PIN Entry Secure Against Recording Attacks"
introduces a software-based application designed to withstand both shoulder-surfing and
recording attacks. Lastly, the article "Counting Clicks and Beeps: Exploring Numerosity-Based
Haptic and Audio PIN Entry" explores a unique numerosity-based approach using haptic and
audio cues for secure PIN entry. In the article "Machine Learning for PIN Side-Channel Attacks
Based on Smartphone Motion Sensors", Matteo Nerini et al. studied the feasibility of inferring
numerical passwords entered on smartphones just by reading motion sensor data, which is freely
accessible. They suggested that, with the rise of machine learning and artificial intelligence, we
should move forward to employ behavioural biometrics to strengthen the security of authentication
methods such as PINs or patterns, and use ML to make the process more effective.

RQ2: How effective are the different methods and techniques in preventing capture
attacks, and what are the security implications associated with their implementation?

In the realm of PIN-entry methods, the effectiveness of various techniques in preventing capture
attacks and their associated security implications have been extensively researched. This paper
will discuss several key studies that have contributed to this field, highlighting both the efficacy
of these methods in enhancing security and the trade-offs they present, particularly in terms of
usability.

One notable approach is the implementation of graphical PIN entry systems, as elucidated in "A
Graphical PIN Entry System with Shoulder Surfing Resistance" by Muhammad Salman et al.
This method employs indirect PIN entry strategies along with specialised interface designs to
significantly reduce the risk of shoulder surfing attacks. The integration of graphical elements
adds a layer of complexity to the authentication process, thereby obfuscating the PIN from visual
observation by potential attackers. However, the intricacy of these systems may adversely impact
their usability, potentially leading to an increased rate of user error and extended authentication
times. Designing a secure and user-friendly PIN-based authentication scheme poses challenges,
primarily due to susceptibility to observational attacks. The article "Analysis and Improvement
of a PIN-Entry Method Resilient to Shoulder-Surfing and Recording Attacks" evaluates a prior
attempt using adaptive black-and-white colouring, recognizing its simplicity but revealing
serious issues like redundancy, unbalanced key presses, system errors, and vulnerability to
recording attacks. Lessons from this analysis inform improvements to the scheme, demonstrating
its effectiveness in resisting camera-based recording attacks over unlimited sessions without
compromising PIN digits. Security implications stress the need to address shortcomings for
robust defence against capture attacks. The study "Covert Attentional Shoulder Surfing: Human
Adversaries Are More Powerful Than Expected" introduces a novel approach called covert
attentional shoulder surfing, demonstrating its effectiveness in breaking a previously considered
secure PIN entry method. Additionally, the paper contributes a formal modelling approach using
predictive human performance modelling for security analysis and improvement. A defence
technique is devised to impair the perceptual performance of adversaries while preserving that of
the user. The security implications underscore the need for more sophisticated defences against
shoulder surfing attacks, considering the potential effectiveness of human adversaries employing
cognitive strategies. Furthermore, the study "Machine Learning for PIN Side-Channel Attacks
Based on Smartphone Motion Sensors" by Matteo Nerini et al. reveals vulnerabilities in
traditional PIN entry methods, particularly when confronted with advanced capture attacks
utilising machine learning techniques. This study underscores the susceptibility of standard PIN
entry methods to side-channel attacks leveraging motion sensor data from smartphones. To
mitigate these risks, the study suggests limiting access to sensor data or employing sophisticated
machine learning algorithms for enhanced security measures.
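As an added illustration, not code from any of the reviewed papers, the following Python models the indirect black-and-white entry idea described under RQ1 and analysed in the paragraph above: the user never presses a digit, only the colour of their digit in each round, so a single glance reveals little, while a full recording of the session lets an observer replay the same elimination the verifier performs. The balanced colouring that removes redundant rounds is our own simplification, not the improvement proposed in the cited paper, and the sample PIN and the memory-limit model of a human onlooker are constructed assumptions.

```python
"""Constructed model of indirect black/white PIN entry for illustration.
Not the implementation from any paper reviewed here; the balanced colouring is
our own simplification, not the improvement proposed in the cited analysis."""
import random

DIGITS = range(10)
BLACK, WHITE = 0, 1


def random_colouring(candidates, rng):
    """Naive scheme: every digit is coloured black or white independently at random.
    `candidates` is ignored, so a round may fail to split the remaining digits
    (the 'redundancy' the analysis paper criticises)."""
    return {d: rng.randrange(2) for d in DIGITS}


def balanced_colouring(candidates, rng):
    """Assumed variant: colour the remaining candidates half black, half white so
    every round shrinks the set. Non-candidate digits are coloured at random so the
    keypad looks the same to an onlooker in every round."""
    colouring = {d: rng.randrange(2) for d in DIGITS}
    cands = sorted(candidates)
    rng.shuffle(cands)
    half = len(cands) // 2
    for i, d in enumerate(cands):
        colouring[d] = BLACK if i < half else WHITE
    return colouring


def enter_digit(secret_digit, colouring_fn, rng):
    """Verifier side for one PIN digit. Each round displays a colouring and the user
    presses only the colour of their digit; the verifier keeps the digits consistent
    with every answer so far and stops when exactly one remains.
    Returns (recovered_digit, transcript); the transcript is what a camera aimed at
    the screen and keypad would capture."""
    candidates = set(DIGITS)
    transcript = []
    while len(candidates) > 1:
        colouring = colouring_fn(candidates, rng)
        answer = colouring[secret_digit]      # the only thing the user ever inputs
        transcript.append((colouring, answer))
        candidates = {d for d in candidates if colouring[d] == answer}
    return candidates.pop(), transcript


def authenticate(pin, colouring_fn=random_colouring, seed=0):
    """Run the indirect entry for every digit of `pin` with a seeded RNG so the run
    is reproducible. Returns (digits recovered by the verifier, per-digit transcripts)."""
    rng = random.Random(seed)
    recovered, transcripts = [], []
    for ch in pin:
        digit, transcript = enter_digit(int(ch), colouring_fn, rng)
        recovered.append(str(digit))
        transcripts.append(transcript)
    return "".join(recovered), transcripts


def observer_candidates(transcript, memory_rounds=None):
    """Digits an observer who knows the scheme cannot rule out after a session.
    memory_rounds=None models a recording: every round is replayed and the digit is
    pinned down exactly, which is the recording weakness discussed above. A small
    memory_rounds models a human who retains only the last few colourings (a
    simplifying assumption of this model) and is left with several candidates."""
    rounds = transcript if memory_rounds is None else transcript[-memory_rounds:]
    candidates = set(DIGITS)
    for colouring, answer in rounds:
        candidates = {d for d in candidates if colouring[d] == answer}
    return candidates


def redundant_rounds(transcript):
    """Count rounds that did not shrink the candidate set: user effort wasted by the
    naive scheme that the balanced colouring avoids."""
    candidates, wasted = set(DIGITS), 0
    for colouring, answer in transcript:
        remaining = {d for d in candidates if colouring[d] == answer}
        if remaining == candidates:
            wasted += 1
        candidates = remaining
    return wasted


if __name__ == "__main__":
    for fn in (random_colouring, balanced_colouring):
        pin, sessions = authenticate("4713", fn)   # constructed sample PIN
        print(fn.__name__, "verifier recovered", pin,
              "| rounds per digit", [len(s) for s in sessions],
              "| redundant rounds", sum(redundant_rounds(s) for s in sessions),
              "| recording recovers", [observer_candidates(s) for s in sessions],
              "| one-round onlooker left with",
              [len(observer_candidates(s, 1)) for s in sessions])
```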

Another innovative technique is presented in "SPOSS: Secure Pin-Based Authentication Obviating
Shoulder Surfing" by Q. Yan et al., which integrates a challenge-response mechanism
into the PIN entry process. This method effectively counters shoulder surfing by requiring users
to interact with dynamic challenges, thereby complicating the task of capturing the PIN through
direct observation. However, the dynamic nature of these challenges may introduce usability
concerns, potentially slowing down the authentication process and increasing the cognitive load
on users. Additionally, "IllusionPIN: Shoulder-Surfing Resistant Authentication Using Hybrid
Images" by A. Papadopoulos et al. introduces a novel approach using hybrid images to create a
dual-view PIN pad. This technique is particularly effective against shoulder surfing, displaying
different images to the user and the observer based on their viewing angles. The effectiveness of
IllusionPIN, however, may vary depending on environmental factors and the relative positioning
of the observer to the user. The study ‘Security Notions and Advanced Method for Human
Shoulder-Surfing Resistant PIN-Entry’ proposes a new PIN-entry method called LIN 4 and LIN
5, which involves entering a PIN by aligning symbols and digits in a specific order. The text
discusses the theoretical framework and experimental techniques used to analyze the security of
PIN-entry methods against human attackers and presents the security notions used in the
evaluation. The text also includes a detailed comparison of the proposed method with previous
PIN-entry methods, such as ColorPIN, Phone Lock, and Timelock, in terms of usability and
security. It outlines the experimental setup, provides detailed analysis of attack performance, and
offers conclusions and future research directions. Moreover, ‘Secure and User Friendly PIN
Entry Method’ describes a new PIN entry method that is resilient to shoulder surfing attacks and
more acceptable than the current method. It presents experimental results comparing the new
method to the RRF method and the regular method in terms of authentication time, error
probability, and user preferences. The new method involves a pass-object setting stage and a PIN
entry stage, reducing error probability and entry time compared to the RRF method. It also
provides security evaluations and performance and usability evaluations. The method is
implemented over Windows XP using C++, with results showing its superiority over the existing
methods. In ‘Secure PIN-Entry Method Using One-Time PIN (OTP)’, the proposed method
utilizes an indirect input approach with a challenge-response method using a one-time PIN
(OTP) and a mini-challenge keypad to obscure the original PIN. This aims to make it more
difficult for attackers to capture the user's PIN during authentication. It is highly resistant to
shoulder-surfing attacks, as evidenced by the fact that attackers failed to recover any hard PINs
in the custom settings of the study. The nonrandom distribution of challenge digits eliminates
correlation between authentication sessions and helps resist video-recording and spyware attacks.

The article ‘SteganoPIN: Two-Faced Human–Machine Interface for Practical Enforcement of PIN Entry Security’ was also found to
be practical and usable based on its PIN entry time, error rates, and user feedback due to the use
of a two-faced keypad system with a regular and a random layout keypad. The SteganoPIN
system provides a practical balance between security and usability, making it a promising option
for security-sensitive applications in public places. Furthermore, Timing Attacks on PIN Input
Devices evaluates the effectiveness of different methods in preventing capture attacks by
measuring the success rate of inferring PIN sequences using these techniques. It highlights the
security implications, such as the potential for attackers to bypass certain security features, and
suggests countermeasures like introducing random delays in audio feedback or controlling the
pace of digit entry. "DRAW-A-PIN: Authentication Using Finger-Drawn PIN on Touch Devices"
enhances security through the incorporation of behavioural biometrics and a PIN content
analyzer (PCA). However, the potential for false positives or negatives in Drawing Behavioural
Biometrics (DBA) and PCA introduces a nuanced challenge. The method's emphasis on
touch-based interaction, while enhancing security, necessitates a careful balance to ensure
optimal usability. "Secure Bimodal PIN-Entry Method Using Audio Signals" adopts a
commendable multisensory approach by combining audio and visual channels to thwart guessing
and recording attacks. However, the introduction of audio elements raises valid concerns about
potential audio eavesdropping, demanding robust security measures. Achieving a delicate
equilibrium between heightened security and potential usability challenges, especially in
vocalising PIN characters, becomes pivotal for the method's success. "Counting Clicks and
Beeps: Exploring Numerosity-Based Haptic and Audio PIN Entry" method poses potential
security concerns related to false positives or negatives, demanding precise calibration for
reliable authentication. Notably, the article emphasises a strategic balance between heightened
security and usability, incorporating user-friendly graphical interfaces and haptic/audio cues to
ensure a seamless and secure PIN-entry experience. The success of this method relies on addressing
security implications while prioritising an intuitive and efficient user interaction. Besides that,
"Authentication using Robust Primary PIN (Personal Identification Number), Multifactor
Authentication for Credit Card Swipe and Online Transactions Security" proposes the Primary
PIN and Multifactor authentication to add an extra layer of security to the authentication process. If
a capture attack occurs and the fraudster gains access to the credit card information, they would
still need the Primary PIN in order to validate the transaction. This makes it more difficult for
fraudulent transactions to be completed without the knowledge of the Primary PIN. The use of
Primary PIN and Multifactor authentication enhances the security, integrity, availability, and
privacy of the credit card information entrusted to the system. Lastly, "Two-Thumbs-Up Physical
Protection for PIN Entry Secure Against Recording Attacks" distinguishes itself by offering
physical defence against observation attacks; however, the software's interface complexity may
present usability challenges. Striking the right balance between robust security measures and a
user-friendly interface remains crucial for the widespread adoption and effectiveness of this
approach.

These studies collectively highlight that while various methods can bolster the security of
PIN-entry systems against capture attacks, they often necessitate compromises in terms of user
convenience and practicality. The selection of a suitable method thus hinges on finding an
optimal balance between the imperative of security and the exigencies of user experience.

3.1 Taxonomy

Figure 6: Taxonomy of PIN-entry methods resistant to capture attacks


In methods involving PIN entry, users are required to input their PIN using various patterns.

4. Discussion

In the exploration of PIN-entry methods resistant to capture attacks, the research papers present a
dynamic intersection of software-based, hardware-based, hybrid, and behavioural methods, each
offering distinct approaches to enhance security and user experience. We can highlight and
compare these methods.

4.1 Comparison and Contrast of Different PIN-Entry Methods

Software-Based Methods: The "SteganoPIN" and "BinaryPIN" methods, developed by Roth et
al., showcase a significant shift in software-based PIN-entry strategies. They introduce an
indirect key entry mechanism through a dual-colour scheme, fundamentally altering the way
PINs are entered to enhance security against observational attacks. This approach, rooted in
cognitive authentication, acknowledges human memory and perception limitations. However, it
also increases the cognitive load on users, a common trade-off in software-based methods that
prioritise security over simplicity. Another notable software-based method is the "Graphical PIN
Entry System," which revolutionises PIN entry by integrating additional reference information
into a graphical interface, invisible to potential attackers. This method effectively counters
shoulder surfing, but its complexity might impact its usability, particularly for users less
comfortable with intricate graphical systems. The paper on "Covert Attentional Shoulder
Surfing" emphasises the importance of indirect key entry in both textual and graphical
passwords, highlighting software strategies to resist such attacks. Despite its broad applicability,
the challenge in these software-based solutions remains balancing enhanced security with
user-friendly design. Additionally, the "Two-Thumbs-Up Physical Protection" represents a
software application designed to withstand both shoulder-surfing and recording attacks, offering
a user-friendly solution against these common capture attacks. However, its effectiveness against
more sophisticated attacks has not been thoroughly explored.
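The dual-colour indirect entry described above, as an added example that is not code from any of the reviewed papers: a simplified black/white round protocol in which the verifier is assumed to choose each colouring, the user answers only with the colour of the current PIN digit, and the verifier intersects candidate digits until one remains.

```python
import random
import secrets
from typing import List, Optional, Set, Tuple

DIGITS = frozenset(range(10))
BLACK, WHITE = "B", "W"

# One round: the five digits drawn in black, and the colour the user pressed.
Round = Tuple[frozenset, str]


def random_colouring(rng: random.Random) -> frozenset:
    """Choose five digits to draw in black this round; the other five are white."""
    return frozenset(rng.sample(sorted(DIGITS), 5))


def colour_of(digit: int, black: frozenset) -> str:
    """The only thing an honest user reveals per round: the colour of their digit."""
    return BLACK if digit in black else WHITE


def consistent_digits(rounds: List[Round]) -> Set[int]:
    """Digits that agree with every (colouring, answer) pair seen so far.

    This is the verifier's state. It also states the caveat the review raises
    for software-only schemes: whoever holds the full transcript (colourings
    plus answers) can run this same intersection, so the scheme resists a
    single glance but not a complete recording, and transcripts must not be
    logged or retained.
    """
    candidates = set(DIGITS)
    for black, answer in rounds:
        half = black if answer == BLACK else DIGITS - black
        candidates &= half
    return candidates


def enter_digit(digit: int, rng: Optional[random.Random] = None,
                max_rounds: int = 20) -> List[Round]:
    """Simulate an honest user entering one digit; stop once it is isolated."""
    rng = rng or secrets.SystemRandom()
    rounds: List[Round] = []
    while len(consistent_digits(rounds)) > 1:
        if len(rounds) >= max_rounds:  # random halves can, very rarely, fail to split
            raise RuntimeError("colourings did not isolate the digit")
        black = random_colouring(rng)
        rounds.append((black, colour_of(digit, black)))
    return rounds


def enter_pin(pin: str, rng: Optional[random.Random] = None) -> List[List[Round]]:
    """One transcript per PIN digit (hypothetical helper for the demo)."""
    rng = rng or secrets.SystemRandom()
    return [enter_digit(int(d), rng) for d in pin]


def verify_pin(expected_pin: str, transcripts: List[List[Round]]) -> bool:
    """Verifier side: every per-digit transcript must isolate exactly the expected digit."""
    if len(transcripts) != len(expected_pin):
        return False
    ok = True
    for want, rounds in zip(expected_pin, transcripts):
        ok = ok and consistent_digits(rounds) == {int(want)}
    return ok


if __name__ == "__main__":
    # Constructed demo: enter the PIN "4721" with a fixed seed so the run is repeatable.
    demo = enter_pin("4721", random.Random(2024))
    print([len(t) for t in demo], verify_pin("4721", demo))
```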

Hardware-Based Methods: In contrast, hardware-based methods, as exemplified by the study
on "Timing Attacks on PIN Input Devices," focus on the physical aspects of PIN entry. This
research highlights the vulnerabilities introduced by acoustic feedback in PIN-entry devices,
underscoring the need for comprehensive security that extends beyond visual protection. While
this method is pivotal in identifying vulnerabilities, it is more about highlighting potential risks
rather than providing a direct solution to secure PIN entry.

Behavioural Methods: These methods are centred around unique user behaviours, such as
typing rhythm or hand gestures, as seen in the "MUSEP" system. This approach personalises the
security mechanism, making it inherently difficult for an observer to replicate. The SLR
discusses the effectiveness of behavioural methods in creating a security layer that is intimately
linked to the individual user. However, the variability in user behaviour and potential privacy
issues are significant concerns. For example, a user's typing rhythm might change under stress or
fatigue, affecting the reliability of the system.

Hybrid Methods: An emerging trend in the SLR results is the development of hybrid methods,
which integrate elements from software, hardware, and behavioural approaches. These methods
aim to balance the strengths and weaknesses of each category to create a more comprehensive
security solution. For instance, a system combining a randomised keypad layout
(hardware-based) with eye-gaze tracking (software/behavioural-based) could offer robust
security while minimising cognitive load and enhancing user privacy. The "Graphical PIN Entry
System" is an example of a hybrid method, combining graphical elements with traditional PIN
entry. This system enhances security by adding a layer of complexity to the PIN entry process,
making it harder for an observer to decipher the PIN. However, the added complexity might pose
usability challenges for some users, particularly those not accustomed to interacting with
graphical interfaces.

Comparative Analysis: When comparing these methods, it's evident that each has its unique
advantages and drawbacks. Software-based methods are versatile and can be deployed without
additional hardware, making them suitable for widespread implementation. However, they may
fall short in environments where environmental factors cannot be controlled. Hardware-based
methods offer tangible security improvements but often at the cost of additional hardware
requirements and potential impacts on user experience. Behavioural methods provide a high
level of personalisation in security but face challenges in terms of consistency and privacy
implications.

Hybrid methods, as indicated by the SLR results, represent a promising area of development,
potentially offering a more balanced approach to security and usability. However, the complexity
of designing and implementing such systems, along with the need for extensive user testing to
ensure accessibility and ease of use, cannot be understated.

4.2 Limitations

The limitations of the SLR are multifaceted. Firstly, the temporal scope of the literature review
might have excluded recent advancements in PIN-entry methods, which could offer novel
insights into combating capture attacks. The quality and methodological rigour of the studies
reviewed varied, potentially impacting the generalisability of the findings. Additionally, the
focus on capture attacks meant that the efficacy of these methods against other security threats,
such as algorithmic attacks or social engineering, was not thoroughly evaluated. This limitation
points to the need for a more comprehensive approach in future research, encompassing a
broader spectrum of security threats. The results of the SLR vividly illustrate the trade-off
between usability and security in PIN-entry methods. High-security methods, such as the "Secure
PIN-Entry Method Using OTP," offer robust protection but at the cost of increased cognitive load
and potential user inconvenience. On the other hand, more user-friendly methods, like the
"Secure and User-Friendly PIN Entry Method," may sacrifice some degree of security for ease of
use and accessibility. This trade-off is a crucial consideration in the real-world application of
these methods. For instance, in high-security environments like banking, a more complex but
secure method may be preferable. In contrast, for everyday consumer use, a balance skewed
towards usability might be more appropriate. The challenge lies in designing PIN-entry systems
that can adapt to the context of use while maintaining an optimal balance between security and
user convenience.

4.3 Recommendations for Future Research

Future research should focus on exploring and developing hybrid PIN-entry methods that
integrate the strengths of software, hardware, and behavioural approaches. Such hybrid solutions
could potentially offer a more balanced approach to security and usability. For example,
combining touch-based authentication with behavioural biometrics could enhance security
without significantly impacting user experience. Another important area for future research is the
improvement of the user experience in secure PIN-entry methods. As the SLR results suggest,
user-friendly methods are more likely to gain widespread acceptance and use. Research should,
therefore, prioritise the development of methods that are both secure and intuitive. Lastly,
addressing emerging threats in the field of PIN-entry security is critical. As technology evolves,
so do the methods and strategies used by attackers. Ongoing research must be dedicated to
understanding these new threats and developing countermeasures to stay ahead of potential
security breaches.

Conclusion

In conclusion, the Systematic Literature Review (SLR) on PIN-entry methods resistant to
capture attacks illuminates a multifaceted landscape where security, usability, and innovation
converge. The diverse array of methodologies presented in the examined studies underscores the
complexity of crafting PIN-entry systems that effectively thwart capture attacks while
maintaining a seamless user experience. In the realm of software-based methods, the strides
made by innovations like SteganoPIN and BinaryPIN mark a significant departure from
traditional direct key entry. Indirect key entry mechanisms, rooted in cognitive authentication
principles, provide enhanced security but introduce a cognitive load on users. The delicate
balance between heightened security and user-friendly design is evident, suggesting that the
practical implementation of such methods requires careful consideration of user acceptance.
Hardware-based methods, as exemplified by the insights gained from Timing Attacks on PIN
Input Devices, emphasise the importance of physical aspects in PIN-entry security. The
vulnerabilities introduced by acoustic feedback underscore the need for a comprehensive security
approach that extends beyond visual protection. However, these findings serve more as a clarion
call to recognise potential risks rather than offering a direct solution for securing PIN entry.
Behavioural methods, personalised around unique user behaviours, introduce an intimate layer of
security. However, the SLR reveals challenges related to the consistency of user behaviour and
potential privacy concerns. The user-centric nature of these methods suggests a need for ongoing
research to strike a balance between tailoring security measures and respecting user privacy and
variability. Hybrid solutions emerge as a promising direction in PIN-entry security. The
Graphical PIN Entry System, among others, integrates elements from software, hardware, and
behavioural approaches. This amalgamation aims to harness the strengths of each category,
offering robust security while mitigating potential usability challenges. The SLR results point to
the potential of hybrid methods to provide a more adaptable and balanced security solution for
real-world applications. The overarching trade-off between heightened security and user
convenience resonates throughout the findings. The Secure and User-Friendly PIN Entry Method
serves as a poignant example, highlighting the necessity of finding an optimal balance to ensure
widespread acceptance and practical usability. Practitioners are urged to contextualise their
choices, selecting PIN-entry methods that align with the specific needs and risk tolerance of their
environments.
In practice, the SLR underscores the need for continuous adaptation in PIN-entry systems
to address emerging threats. A user-centric design philosophy, prioritising both security and user
experience, should guide the development and implementation of these systems. As technology
and user behaviours evolve, ongoing research is paramount to ensure the effectiveness of
PIN-entry methods against a broader spectrum of security threats. Overall, the SLR provides a
foundation for informed decision-making, urging practitioners to navigate the intricate landscape
of PIN-entry security with a nuanced understanding of the trade-offs inherent in each method.

CRediT authorship contribution statement


Raja Zareef Firdaus Bin Raja Azman Nahar: Conceptualization, methodology, formal analysis,
writing—original draft preparation, writing—review and editing, project administration,
resources.
Ahmad Affifuddin Bin Ahmad Khairuddin: Conceptualization, methodology, formal analysis,
writing—original draft preparation, writing—review and editing, supervision.
Chong Zi Jing: Formal analysis, and writing—review and editing.
Liew Rui Zhi: Methodology, data curation.
Low Jun Jie: Methodology, formal analysis, and writing—review and editing.
Tee Wei Lun: Methodology, formal analysis.
Chow Shang Shyan: Formal analysis, writing—review and editing, project administration,
funding acquisition.
Nafim Bashar: Methodology, formal analysis.
Arham Hossain Chowdhury: Methodology, resources.
Tan Jian Ming : Methodology, resources.
Raaim Saudulla: Methodology, resources.
Thinaraj A/L A Muttiah: Formal analysis, writing—original draft preparation, writing—review
and editing, resources.

Data availability statement


Data sharing is not applicable to this article as no new data were created or analysed in this
study.

Declaration of competing interests


The authors declare that they have no known competing financial interests or personal
relationships that could have appeared to influence the work reported in this paper.

Funding
Funding is not applicable to this article.

Acknowledgements
None.

Appendix A. Supplementary data


• PRISMA 2020 checklist.
• Assessment of study quality.

References
Bianchi, A., Oakley, I., Kostakos, V., & Kwon, D. S. (2010). The phone lock. https://doi.org/10.1145/1935701.1935740
Bianchi, A., Oakley, I., & Kwon, D. S. (2012). Counting clicks and beeps: Exploring numerosity based haptic and audio PIN entry. Interacting with Computers, 24(5), 409–422. https://doi.org/10.1016/j.intcom.2012.06.005
Binbeshr, F., Por, L. Y., Laiha, M., Zaidan, A. A., & Imam, M. M. (2023). Secure PIN-Entry Method Using One-Time PIN (OTP). IEEE Access, 11, 18121–18133. https://doi.org/10.1109/access.2023.3243114
Bonneau, J., Preibusch, S., & Anderson, R. (2012). A Birthday Present Every Eleven Wallets? The Security of Customer-Chosen Banking PINs. Financial Cryptography and Data Security, 25–40. https://doi.org/10.1007/978-3-642-32946-3_3
Bošnjak, L., & Brumen, B. (2020). Shoulder surfing experiments: A systematic literature review. Computers & Security, 99, 102023. https://doi.org/10.1016/j.cose.2020.102023
Kim, C. S., & Lee, M.-K. (2010). Secure and user friendly PIN entry method. https://doi.org/10.1109/icce.2010.5418819
Kune, D. F., & Kim, Y. (2010). Timing attacks on PIN input devices. Proceedings of the 17th ACM Conference on Computer and Communications Security. https://dl.acm.org/doi/10.1145/1866307.1866395
Kwon, T., & Hong, J. (2015). Analysis and Improvement of a PIN-Entry Method Resilient to Shoulder-Surfing and Recording Attacks. IEEE Transactions on Information Forensics and Security, 10(2), 278–292. https://doi.org/10.1109/tifs.2014.2374352
Kwon, T., & Na, S. (2016). SteganoPIN: Two-Faced Human–Machine Interface for Practical Enforcement of PIN Entry Security. IEEE Transactions on Human-Machine Systems, 46(1), 143–150. https://doi.org/10.1109/thms.2015.2454498
Kwon, T., Shin, S., & Na, S. (2014). Covert Attentional Shoulder Surfing: Human Adversaries Are More Powerful Than Expected. IEEE Transactions on Systems, Man, and Cybernetics, 44(6), 716–727. https://doi.org/10.1109/tsmc.2013.2270227
Lee, M.-K. (2014). Security Notions and Advanced Method for Human Shoulder-Surfing Resistant PIN-Entry. IEEE Transactions on Information Forensics and Security, 9(4), 695–708. https://doi.org/10.1109/tifs.2014.2307671
Lee, M.-K., Nam, H., & Kim, D. K. (2016). Secure bimodal PIN-entry method using audio signals. Computers & Security, 56, 140–150. https://doi.org/10.1016/j.cose.2015.06.006
Maheshwari, A., & Mondal, S. (2016). SPOSS: Secure Pin-Based-Authentication Obviating Shoulder Surfing. Lecture Notes in Computer Science, 66–86. https://doi.org/10.1007/978-3-319-49806-5_4
Markert, P., Bailey, D. V., Golla, M., Dürmuth, M., & Aviv, A. J. (2020). This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs. ArXiv (Cornell University). https://doi.org/10.48550/arxiv.2003.04868
Nerini, M., Favarelli, E., & Chiani, M. (2023). Machine Learning for PIN Side-Channel Attacks Based on Smartphone Motion Sensors. IEEE Access, 11, 23008–23018. https://doi.org/10.1109/access.2023.3253288
Nguyen, T., Sae-Bae, N., & Memon, N. (2017). DRAW-A-PIN: Authentication using finger-drawn PIN on touch devices. Computers & Security, 66, 115–128. https://doi.org/10.1016/j.cose.2017.01.008
Nyang, D., Kim, H., Lee, W., Kang, S. B., Cho, G., Lee, M. K., & Mohaisen, A. (2018). Two-Thumbs-Up: Physical protection for PIN entry secure against recording attacks. Computers & Security, 78, 1–15. https://doi.org/10.1016/j.cose.2018.05.012
Page, M. J., McKenzie, J. E., Bossuyt, P. M., Boutron, I., Hoffmann, T., Mulrow, C. D., Shamseer, L., Tetzlaff, J., Akl, E. A., Brennan, S., Chou, R., Glanville, J., Grimshaw, J., Hróbjartsson, A., Lalu, M. M., Li, T., Loder, E., Mayo-Wilson, E., McDonald, S., & McGuinness, L. A. (2021). The PRISMA 2020 statement: an updated guideline for reporting systematic reviews. Systematic Reviews, 10(1). https://doi.org/10.1186/s13643-021-01626-4
Papadopoulos, A., Nguyen, T., Durmus, E., & Memon, N. (2017). IllusionPIN: Shoulder-Surfing Resistant Authentication Using Hybrid Images. IEEE Transactions on Information Forensics and Security, 12(12), 2875–2889. https://doi.org/10.1109/tifs.2017.2725199
Salman, M., Li, Y., & Wang, J. (2019). A Graphical PIN Entry System with Shoulder Surfing Resistance. https://doi.org/10.1109/siprocess.2019.8868388
Srinivasan, R. (2018). DragPIN: A secured PIN entry scheme to avert attacks. International Arab Journal of Information Technology, 15, 213–223.
Vaithyasubramanian, S. (2020). Authentication using Robust Primary PIN (Personal Identification Number), Multifactor Authentication for Credit Card Swipe and Online Transactions Security. International Journal of Advanced Computer Science and Applications, 11(4). https://doi.org/10.14569/ijacsa.2020.0110471
Wang, D., Gu, Q., Huang, X., & Wang, P. (2017). Understanding Human-Chosen PINs. Computer and Communications Security. https://doi.org/10.1145/3052973.3053031
