TL;DR
Pixie is a camera-based two-factor authentication system for mobile and wearable devices that uses images of physical objects called trinkets, combining graphical password and physical token methods without requiring special hardware.
Contribution
Pixie introduces a novel, hardware-independent authentication method using image-based recognition of user-selected trinkets, with robust feature extraction and machine learning to improve security and usability.
Findings
False accept rate below 0.09% in brute force attack
Outperforms text passwords in memorability and speed
Accurate and user-friendly in field tests
Abstract
We introduce Pixie, a novel, camera based two factor authentication solution for mobile and wearable devices. A quick and familiar user action of snapping a photo is sufficient for Pixie to simultaneously perform a graphical password authentication and a physical token based authentication, yet it does not require any expensive, uncommon hardware. Pixie establishes trust based on both the knowledge and possession of an arbitrary physical object readily accessible to the user, called trinket. Users choose their trinkets similar to setting a password, and authenticate by presenting the same trinket to the camera. The fact that the object is the trinket, is secret to the user. Pixie extracts robust, novel features from trinket images, and leverages a supervised learning classifier to effectively address inconsistencies between images of the same trinket captured in different circumstances.…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
