An article relating to this blog post on Finextra:
Apacs publishes PIN security guide
Apacs, the UK payments association, has today (16 August 2007) published a consumer advice guide - Protect your PIN - to remind cardholders of the need to keep their PIN safe and secure at all times.
UK payments body Apacs published a PIN security advice guide for consumers late last week reminding cardholders of the continued threat from counterfeiters and shoulder surfers. Despite the introduction of Chip and PIN technology in the UK, card skimming
and the subsequent use of cloned cards in overseas networks remains a lucrative business for the criminal fraternity. Research conducted by Apacs shows that one-in-four cardholders ‘rarely’ or ‘never’ shield their PIN when entering it at a cash machine.
A research paper published by scientists at Stanford University last month suggests an alternative password-based system with the potential to shut out the threat from shoulder surfers and key-loggers. With EyePassword, a user enters their PIN by selecting
from an on-screen keyboard using only the orientation of their pupils. The system uses ‘gaze-based’ typing, a technique originally developed for disabled computer users as an alternative to normal keyboard and mouse input.
PDF explains the system in more detail and presents the results of user studies. The researchers conclude that the approach requires marginal additional entry time, has accuracy similar to traditional keyboard input, and provides an experience "preferred
by a majority of users".