Shoulder surfing (computer security)

From Wikipedia, the free encyclopedia


In computer security, shoulder surfing refers to using direct observation techniques, such as looking over someone's shoulder, to get information. Shoulder surfing is particularly effective in crowded places because it's relatively easy to observe someone as they:

  • fill out a form
  • enter their PIN at an automated teller machine
  • use a calling card at a public pay phone
  • enter passwords at a cybercafe, a public or university library, or an airport kiosk
  • enter a digit code for a rented locker in a public place such as a swimming pool or airport

Shoulder surfing can also be done at a distance using binoculars or other vision-enhancing devices. Inexpensive, miniature closed-circuit television cameras can be concealed in ceilings, walls or fixtures to observe data entry. To prevent shoulder surfing, it is advised to shield paperwork or the keypad from view by using one's body or cupping one's hand.

Recent automated teller machines now have a sophisticated display which discourages shoulder surfers. It grows darker beyond a certain viewing angle, and the only way to tell what is displayed on the screen is to stand directly in front of it.

Certain models of credit card readers have a recessed keypad and a rubber shield that surrounds a significant part of the opening towards the keypad. This makes shoulder surfing significantly harder, because the keypad can only be seen from a much more direct angle than on previous models. Taken further, some keypads alter the physical location of the keys after each keypress. For example, the digit 1 may be in the upper left for the first press and then move to the bottom right for the second. Also, security cameras are not allowed to be placed directly above an ATM.
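The key-relocating keypad described above, modelled as an added example that is not part of the original article: it shows that the same PIN produces a different sequence of touched positions on every entry. The class, function names and the flat ten-slot layout are assumptions made for illustration.

```python
import secrets

DIGITS = "0123456789"

class ScramblingKeypad:
    """Keypad whose key positions are re-randomised after every keypress.

    Positions 0-9 are screen slots (0 = upper left); this flat layout,
    the class and its method names are assumptions made for the example.
    """

    def __init__(self, rng=None):
        # SystemRandom draws from the OS CSPRNG, so layouts are unpredictable.
        self.rng = rng or secrets.SystemRandom()
        self.entered = ""
        self.layout = self.new_layout()

    def new_layout(self):
        keys = list(DIGITS)
        self.rng.shuffle(keys)
        return keys

    def press(self, position):
        """Register a press on a screen slot and relocate every key."""
        digit = self.layout[position]
        self.entered += digit
        self.layout = self.new_layout()
        return digit


def observed_positions(keypad, pin):
    """Slots a user touches while entering `pin`.

    This is all an observer learns when they can follow the finger
    but cannot read the key labels.
    """
    touched = []
    for digit in pin:
        slot = keypad.layout.index(digit)
        keypad.press(slot)
        touched.append(slot)
    return touched


if __name__ == "__main__":
    pin = "1111"  # constructed sample PIN
    for attempt in range(3):
        pad = ScramblingKeypad()
        print(attempt, observed_positions(pad, pin), pad.entered)
```

The protection holds only while the observer cannot read the key labels, which is why it pairs with the restricted-viewing-angle display and the keypad shield described above.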

One example of shoulder surfing involves public lockers: when renting a locker, some people choose a four-digit PIN code that is the same as the one for their credit or bank access card. A thief who obtains the locker code by shoulder surfing could then access the locker, take the credit or bank access card, and use it until the card account is blocked.
