Design of a Resilient System against Shoulder Surfing Attack: Adaptable to USSD Channel
preprint
OA: closed
Abstract
Abstract The most widely accepted authentication method involves the use of a personal identification number (PIN). This method is applicable across many technologies, of which one of which is Unstructured Supplementary service data (USSD). USSD is a capability built into Global System for Mobile Communication (GSM) mobile phones. In some third-world countries like Nigeria, this technology is used in carrying out financial transactions. It has been observed that while carrying out banking transactions using this technology, users' PIN entered for authentication appears in plain text on the mobile interface, thereby subjecting it to shoulder surfing attacks. Findings revealed that users' PIN appears in plain text because USSD technology is designed to convey only textual data. That is why many existing authentication methods against Human shoulder surfing attack which contains features like images, colors, or graphical password, that can provide security to users' PIN on mobile interface are not implemented on the USSD channel. This research is, therefore, on the design of a new authentication method that can provide security to users’ PIN at the mobile interface, against shoulder surfing attacks which can be implemented on the USSD channel. In this method, the challenge response approach is adopted to provide a secure PIN entry method in the presence of a human shoulder surfer, using the Randomization obfuscation method that randomly places the user's chosen PIN within randomly generated 10-digit numbers, in Left to Right order. For further security, the model designed named “Mobisafe” include features like; Bag of Soft Biometrics (BoSB) details and one-time password (OTP).
My notes (saved in your browser only)
Citation neighborhood (no data yet)
We don't have any in-corpus citations linked to this paper yet. The paper's references may be in our DB but unresolved to ``paper_id`` (resolution happens at ingest when the cited DOI matches a row we already have). Run the cross-source citation reconcile pass to retry.
Source provenance
- europepmc
- last seen: 2026-05-19T01:45:01.086888+00:00