Proposal and Evaluation of Authentication Method Having Shoulder-Surfing Resistance for Smartwatches Using Shift Rule

  • Makoto Nagatomo
  • Kazuki Watanabe
  • Kentaro Aburada
  • Naonobu Okazaki
  • Mirang ParkEmail author
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 1036)


Recently, mobile devices having small touchscreen such as smartwatches has been increasing due to miniaturization of electronic devices. Currently, PIN and pattern lock are used for personal authentication of these devices, but there is possibility of leakage of authentication information by shoulder-surfing attack. Many authentication methods having shoulder-surfing resistance are proposed until now. However, these methods are for smartphones or tablets having middle-size screen. Hence, when these authentication methods apply for smartwatches, the usability reduces because a user cannot touch the screen accurately. Therefore, in this paper, we propose personal authentication method having shoulder-surfing resistance for smartwatches. In this method, the user selects alternative icon to registered icon on \(3\times 3\) matrix using shift rule. In addition, we implemented the proposed method on smartwatch, and performed two experiments to confirm usability and shoulder-surfing resistance. As a result, average authentication time and authentication success rate was 13.8 s and 89.4%, and touch success rate was 96.2% when using shift rule. Also, the leakage rate of authentication information was 0.0%.



This work was supported by JSPS KAKENHI Grant Numbers JP17H01736, JP17K00139.


  1. 1.
  2. 2.
    Siek, K.A., Rogers, Y., Connelly, K.H.: Fat finger worries: how older and younger users physically interact with PDAs. In: Proceedings of the 2005 IFIP TC13 International Conference on Human-Computer Interaction, pp. 267–280 (2005)CrossRefGoogle Scholar
  3. 3.
    Khan, H., Hengartner, U., Vogel, D.: Evaluating attack and defense strategies for smartphone PIN shouder surfing. In: Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems, no. 164, 10 pages (2018)Google Scholar
  4. 4.
    Divyapriya, K., Prabhu, P.: Image based authentication using illusion pin for shoulder surfing attack. Int. J. Pure Appl. Math. 119(7), 835–840 (2018)Google Scholar
  5. 5.
    Higashikawa, S., Kosugi, T., Kitajima, S., Mambo, M.: Shoulder-surfing resistant authentication using pass pattern of pattern lock. IEICE Trans. Inf. Syst. E101(1), 45–52 (2018)CrossRefGoogle Scholar
  6. 6.
    Tanaka, M., Hiroyuki, I.: Proposal of improved background pattern slide authentication against shoulder surfing in consideration of convenience. J. Inf. Process. Soc. Jpn. 58(9), 1513–1522 (2017). (in Japanese)Google Scholar
  7. 7.
    Kita, Y., Okazaki, N., Nishimura, H.: Implementation and evaluation of shoulder-surfing attack resistant users. IEICE Trans. Inf. Syst. J97-D(12), 1770–1784 (2014). (in Japanese)Google Scholar
  8. 8.
    The Galaxy S8 and Pixel Should Copy LG’s Knock Code. Accessed 17 June 2019
  9. 9.
    Oakley, I., Huh, J.H., Cho, J., Cho, G., Islam, R., Kim, H.: The personal identification chord: a four button authentication system for smartwatches. In: ASIACSS 2018 (2018)Google Scholar
  10. 10.
    SmartWatch 3. Accessed 13 May 2019
  11. 11.
    Hart, S.G., Staveland, L.E.: Development of NASA-TLX (task load index): result of empirical and theoretical research. Hum. Ment. Work. 1(3), 139–183 (1988)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Makoto Nagatomo
    • 1
  • Kazuki Watanabe
    • 1
  • Kentaro Aburada
    • 2
  • Naonobu Okazaki
    • 2
  • Mirang Park
    • 1
    Email author
  1. 1.Kanagawa Institute of TechnologyAtsugiJapan
  2. 2.University of MiyazakiMiyazakiJapan

Personalised recommendations