Comments on: PINs still under attack! https://javacard.vetilles.com/2011/08/27/pins-still-under-attack/ A weblog on Java Card, security, and other things personal Thu, 18 May 2017 07:26:32 +0000 hourly 1 https://wordpress.org/?v=4.0.32 By: Thoth https://javacard.vetilles.com/2011/08/27/pins-still-under-attack/#comment-20306 Fri, 22 Apr 2016 13:34:51 +0000 http://javacard.vetilles.com/?p=734#comment-20306 One obvious method to prevent smartphone screen password attacks by motion sensors in the phone is to randomise the keyboard which have long been implemented by Cyanogen.

In fact the more secure method is to include a PIN or biometric entry on the security device/smart card for on-device authenticatiin then press a OK or Cancel transaction on the securitu device/smart card.

The Zwipe product includes a fingerprint sensor on a smart card and the likes of Plastc and other E-ink cards are embedding touchscreen E-ink or buttons on smart cards.

Finally, the Ledger Blue hardware is a personal security device integrating a ST31 secure element tied to a touchscreen with USB, NFC and BLE connectivity for secure applications and PIN entry onto a single device to make scraping PIN much harder.

]]>