Automated Teller Machines (ATMs) are the most widely used means of withdrawing cash. The European Central Bank reported more than 11 billion cash withdrawals and loading/unloading transactions on European ATMs in 2019. Although ATMs have undergone several technological evolutions, Personal Identification Numbers (PINs) are still the most common authentication method for these devices. Unfortunately, the PIN mechanism is vulnerable to shoulder-surfing attacks performed via hidden cameras installed near the ATM to film the PIN pad. To counter this threat, users commonly cover the typing hand with the other hand. While such users probably believe this behavior is safe enough to protect against such attacks, there is no clear assessment of this countermeasure in the scientific literature. This paper proposes a novel attack that reconstructs PINs entered by victims who cover the typing hand with the other hand. We consider the setting where the attacker can access an ATM PIN pad of the same brand/model as the target one and uses it to train a deep learning model on videos of PIN entry; the attacker then applies that model to infer the digits pressed by the victim while entering the PIN. Our attack owes its success to a carefully selected deep learning architecture that infers the PIN from the position and movements of the typing hand. We run a detailed experimental analysis including 58 users. With our approach, we can guess 30% of the 5-digit PINs within three attempts, the number usually allowed by an ATM before it blocks the card. For comparison, we also conducted a survey in which 78 human participants attempted the same task and reached an accuracy of only 7.92% on average. Finally, we evaluate a shielding countermeasure, which proved rather ineffective unless the whole keypad is shielded.