Stanford's EyePassword helps fight "shoulder-surfing" at the ATM

by Paul Miller, posted Aug 21st 2007 at 10:15AM

Gaze-based password entry might sound like a chore -- and we can't say we find the fact of aligning our eyes with an on-screen ATM keyboard all that practical -- but if it means we can finally avoid that awkward moment at the cash machine where we block the keypad view from that shifty-looking sixth grader standing next to us, it just might be worth it. Stanford University has folks working on just such a solution to the dreaded "shoulder-surfing" at ATMs, and has come up with EyePassword. They're testing some systems that track your eyeballs in a variety of ways to perform PIN input, and while the resulting study shows that input times are slowed a little, the system does indeed make "eavesdropping by a malicious observer largely impractical." Of course, there's no telling when something like this will hit your neighborhood deli.

[Via New Scientist]

Filed under: Peripherals

Tags: atm, eyepassword, shoulder surfing, ShoulderSurfing, stanford university, StanfordUniversity

Reader Comments (Page 1 of 1)

Highly Ranked

nate @ Aug 21st 2007 10:24AM

forget atms, this would be great for this disabled

Neutral

Paul @ Aug 21st 2007 1:49PM

Yeah, especially for the blind...oh wait...

Neutral

DaLa @ Aug 21st 2007 10:59AM

I'm not cross-eyed nor making a joke, but how or do these eye tracking scanners work for cross-eyed people?

Neutral

Andir3.0 @ Aug 21st 2007 11:51AM

Or lazy eyes...

Neutral

Tony @ Aug 21st 2007 9:58PM

Or 4th nerve palsy

Highly Ranked

NHAnimator @ Aug 21st 2007 11:01AM

I can hear the digital voice saying "You looked at the number 4. If this is correct, look at the number 1."

Neutral

Spyvie @ Aug 21st 2007 11:14AM

I used to work in IT in a state capitol building, after hour’s access required pin entry into a scrambled number pad. It was pretty cool, a grid of physical keys with nixi tube numbers inside would beep and scramble every time it woke up... like a slot machine or some game show screen.

Neutral

Equis @ Aug 21st 2007 11:28AM

Wouldn't it be just as easy for thieves to plant a hidden camera to track people's eye movement?

Highly Ranked

PDubNYC @ Aug 21st 2007 11:41AM

Oh ya, that sure would be easy. Or they could possibly stuff a midget into the deposit envelope slot to watch your eyes.

At least this system would prevent you from taking money out when you are too drunk to know better.

Neutral

Dilbert @ Aug 21st 2007 5:37PM

"At least this system would prevent you from taking money out when you are too drunk to know better."

That would have been a life saver when I was younger :P

Neutral

HineyWipe @ Aug 21st 2007 11:41AM

I recall the earlier ATMs had the orange-phosphor screen with periscope to allow only YOU to see what you entered and transaction. Way to go cheapskate-banks and germ-inducing touchscreens.

Neutral

Zach @ Aug 21st 2007 12:56PM

as opposed to pink-eye and eye-boogers?

Highly Ranked

SHOTT3R @ Aug 21st 2007 12:18PM

How to combat shoulder surfing*.

1. Turn around
2. Glare
3. Say "I didn't know we had a joint account. Could you back up off me?"
4. Glare
5. Resume business

*only steps 1 and 2 may be needed if you are a large black man such as myself :)

Neutral

Zach @ Aug 21st 2007 12:57PM

yea, but you didn't have any funds in your account to begin with

// horrid black stereotype :( I'm sorry

Highly Ranked

SHOTT3R @ Aug 21st 2007 1:00PM

Haha, c'mon. Obviously I'm withdrawing funds with a card I stole. Who said it had to be my account?

Neutral

Samo @ Aug 21st 2007 2:37PM

Totally LOL'd at that convo.

Neutral

mitch.redmond @ Aug 21st 2007 2:45PM

Best comment ever.

Neutral

Le Master @ Aug 21st 2007 4:52PM

Zach, I've never laughed so hard at a comment in my life. Good stuff you two.

Neutral

Derrick @ Aug 21st 2007 1:07PM

How does this thing handle repeated characters in a password? What if I need to hit the same key twice in a row?

Neutral

Solomon @ Aug 21st 2007 1:29PM

double-blink?

Neutral

lk @ Aug 21st 2007 1:11PM

why not just do a biometric retina scan. The one that anaylzes the unique physical structure of your eye. That would be much easier.

Neutral

Samo @ Aug 21st 2007 2:40PM

It would be more expensive, have to include your bio deets on card and on system, causing the goverment to know yet another nit-bit of info about you?

On the otherhand, your goverment isn't as bad as mine yet, in terms of 'big brother' style watching your every move and knowing everything about everyone. Heck here in the UK we are getting biometric ID cards and passports to 'combat illegal immigrants, terrorists... [insert catchword of the day here]'

Neutral

lk @ Aug 21st 2007 1:14PM

stare away from the keyboard, then stare at the key again, (I am guessing)

Neutral

SHOTT3R @ Aug 21st 2007 2:39PM

a la Tay Zonday in "Chocolate Rain"?

Neutral

TehRoM4nTic @ Aug 21st 2007 1:25PM

/sung
I see the secrets that you keep, when you're staring at the keys.

Neutral

djxspike @ Aug 21st 2007 1:58PM

Shoulder surfing? What ever happened to looking over your shoulder and calmly saying "hey - back the f@#$ up!"??

Neutral

XSportSeeker @ Aug 21st 2007 4:31PM

This is great and all... but isn't this far more complicated than having using biometrics?
Fingerprint scanning and retina.. or even those finger veins scanner or something.
I mean, unless this is extremely precise (and users are extremely trainned), I can only imagine how many wrong passwords the system would generate.