top of page

OneButtonPIN: A Breakthrough in Security for Blind and Low-Vision Tech Users


A person using the OneButonPIN interface. Touching and holding the 'Hold For PIN' buton triggers a haptic vibration sequence. The user counts the vibrations and releases the finger to enter the desired PIN digit. Credit: Proceedings of the ACM on Human-Computer Interaction (2022). DOI: 10.1145/3546747
A person using the OneButonPIN interface. Touching and holding the 'Hold For PIN' buton triggers a haptic vibration sequence. The user counts the vibrations and releases the finger to enter the desired PIN digit. Credit: Proceedings of the ACM on Human-Computer Interaction (2022). DOI: 10.1145/3546747

Blind and low-vision (BLV) technology users face unique challenges when it comes to securely access their devices. Traditional authentication methods such as pattern drawing, fingerprint and face scans, and PIN codes can be difficult for BLV users to use effectively without visual data and are also vulnerable to privacy attacks. However, researchers at the University of Waterloo and the Rochester Institute of Technology have developed a new method that could change the game for BLV tech users: OneButtonPIN.


The OneButtonPIN Method


OneButtonPIN is a new authentication method that allows users to input PIN codes using a single large button and a series of haptic vibrations. When prompted to enter a PIN code, the user presses and holds a large button on their smartphone screen. This activates a series of vibrations separated by pauses; the user counts the number of vibrations corresponding to the number they desire to enter, then releases the button and repeats the process until the desired numbers are entered.


OneButtonPIN addresses the security issues faced by BLV users by using haptic vibrations that are imperceptible to outsiders. Stacey Watson, a lecturer in computer science and one of the researchers on the study, explains that biometrics such as fingerprints and face scans are unique and easy to use, but a person's biometrics cannot be changed or reset.


"More traditional forms of entry are vulnerable due to many BLV people's use of screen reader technology," said Watson. "PIN users are vulnerable both to eavesdropping and shoulder surfing attacks, which is where someone nearby can observe a user's device without their knowledge."


Research Results


In a research study, nine BLV participants installed OneButtonPIN apps on their phones. They were first tasked with entering randomly generated PINs using the OneButtonPIN method several times, then instructed to use the app at least once a day for a week as part of a diary study. The study revealed that OneButtonPIN allowed users to input codes with an average of 83.6 percent accuracy or above, as opposed to 78.1 percent accuracy using traditional methods.


The method also proved to be incredibly secure. In the second stage of the study, 10 sighted participants watched videos of people using both traditional PIN entry methods and OneButtonPIN, then attempted to guess their PIN codes. Every participant was able to successfully guess users' PINs using traditional methods, but no one could successfully guess code input using OneButtonPIN.


"While OneButtonPIN was designed for BLV people, many users will appreciate the added security," Watson said. "When we make things more accessible, we make things more usable for the average user as well."


The study was published in the Proceedings of the ACM on Human-Computer Interaction.


Conclusion


The OneButtonPIN method offers a breakthrough solution for BLV technology users who have long struggled with the security issues of traditional authentication methods. The use of haptic vibrations makes it imperceptible to outsiders, while the large button and vibration counting process are easy for BLV users to use effectively. With an accuracy rate of 83.6 percent or above and the added security of not being able to guess the PIN code, OneButtonPIN is a game-changer for BLV tech users.


Journal Information:Manisha Varma Kamarushi et al, OneButtonPIN: A Single Button Authentication Method for Blind or Low Vision Users to Improve Accessibility and Prevent Eavesdropping, Proceedings of the ACM on Human-Computer Interaction (2022). DOI: 10.1145/3546747

1 view0 comments
bottom of page