GrIDsure
GrIDsure was a personal identification system which extends the standard ‘shared-secret’ authentication model
to create a secure methodology whereby a dynamic ‘one-time’ password or PIN can be generated by a user. It could have been used to secure ATMs, POSs, mobile phones, dedicated devices, door locks and even as a paper-based solution. It was invented by Jonathan Craymer in November 2005 and was taken over by Stephen Howes after Craymer's departure in 2009. It had been named as one of Gartner's "Cool Vendors in Application Security & Authentication, 2008" companies, as well as being described as "near universal authentication" by Ovum, and as a real step forward by Bloor Research.
GrIDsure went into liquidation in October 2011 after poor sales and investor funding dried up.
How it Worked
The core of the patent-pending methodology is ‘sequential pattern recognition’ of cells on a grid. The user is challenged with a grid containing pseudo-randomly generated numbers and selects those numbers that accord with the pattern and sequence made by his chosen cells.
In this process the user needs to remember a pattern of his choice which he registers with the authenticator (the shared secret).
Since the user is using his secret pattern to select numbers from a grid square and then using those numbers to authenticate, he never actually ‘gives up’ his secret to the authenticator – he only communicates a ‘representation’ of his secret which is in the form of a selection from a random set of numbers.
Consequently there is nothing for a ‘keylogger’ to reverse-engineer, and since each number appears several times in the grid square, it is extremely difficult for a ‘shoulder-surfer’ to ascertain the pattern by observing the keystrokes and the grid square.
The user registration process and the subsequent challenge-response process are described in more detail as follows:
User registration
- The user registers a ‘Personal Identification Pattern’ (PIP) with the authenticator. (Alternatively the authenticator could pre-allocate a PIP to a user.) This becomes his shared secret.
- The grid can be almost any size or shape; however a 5x5 grid gives a good balance between ease of use and security in most situations.
- The PIP can be 4 cells (like a PIN) or any length you like.
General Use
- The user is presented with a grid populated with pseudo random symbols. (The symbols need not be numeric.)
- The user enters the symbols representing his pattern/sequence.
- The authenticator accepts or rejects the user.
- Every time the user is challenged he will be presented with a different grid and so will enter a different GrIDsure code.
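The registration, challenge and response steps above as a small simulation; this is an added example, not GrIDsure's own code. The (row, col) cell encoding, the use of a CSPRNG for the grid, the constant-time comparison and the `pip_space` keyspace helper are my assumptions, not details taken from the page.

```python
import secrets

GRID_SIZE = 5            # the article's standard 5x5 grid
SYMBOLS = "0123456789"   # digits here; the scheme allows any symbol set

def register_pip(cells):
    """Registration: the user's chosen cells, in order, become the shared secret.
    Cells are (row, col) pairs; four cells makes the PIP PIN-like."""
    pip = tuple(cells)
    if not pip or any(not (0 <= r < GRID_SIZE and 0 <= c < GRID_SIZE) for r, c in pip):
        raise ValueError("PIP cells must lie on the grid")
    return pip

def new_challenge_grid():
    """Challenge: a fresh grid of pseudo-random symbols for every attempt.
    Assumption: a CSPRNG (secrets) so grids are unpredictable."""
    return [[secrets.choice(SYMBOLS) for _ in range(GRID_SIZE)]
            for _ in range(GRID_SIZE)]

def response_for(grid, pip):
    """What the user types: the symbols at the PIP cells, in PIP order."""
    return "".join(grid[r][c] for r, c in pip)

def verify(grid, pip, entered):
    """Authenticator: recompute the code for the grid it issued and compare
    in constant time (assumption: the grid is bound to this session)."""
    return secrets.compare_digest(response_for(grid, pip), entered)

def cells_showing(grid, code):
    """How many cells show each entered symbol: with 10 symbols on 25 cells
    every symbol repeats, so one observed grid+code does not pin down the cells."""
    flat = [s for row in grid for s in row]
    return [flat.count(s) for s in code]

def pip_space(length, allow_repeats=False):
    """Number of possible PIPs of a given length on the grid (keyspace)."""
    n = GRID_SIZE * GRID_SIZE
    if allow_repeats:
        return n ** length
    total = 1
    for i in range(length):
        total *= n - i
    return total

if __name__ == "__main__":
    pip = register_pip([(0, 0), (1, 1), (2, 2), (3, 3)])   # a diagonal, chosen for the demo
    grid = new_challenge_grid()
    code = response_for(grid, pip)
    print(grid, code, verify(grid, pip, code), cells_showing(grid, code))
    print(pip_space(4), "possible 4-cell PIPs without repeated cells")
```

Running it twice shows the same PIP producing a different code on each grid, which is the one-time property the article describes.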
Mathematical Security
A study was carried out on the statistical security of GrIDsure by Richard Weber in the Statistical Laboratory of the University of Cambridge.
The full report outlines the mathematics of various GrIDsure grids, the probabilities of a thief guessing a PIN or a Personal Identification Pattern (PIP), the chances of a thief reverse-engineering a PIP, and the mathematical security of various sized grids and patterns. In an appendix to the main report, Professor Weber studies a number of likely fraud models in order to summarise in a single figure how much more secure GrIDsure is than a traditional PIN.
"After performing further sensitivity analysis on our model we may conclude that it is reasonable to say that against a plausible mix of risks GrIDsure is of the order of 100 times (i.e., two orders of magnitude) more secure than traditional PIN."
He concludes:
"This is one of the most beautiful ideas I have seen in many years of looking at algorithms and optimisation problems."
- Professor Richard R. Weber, Director, Statistical Laboratory, Cambridge University.
In March 2008 an independent security researcher, Mike Bond, identified flaws in the GrIDsure authentication scheme, commenting specifically on Weber's analysis, and concluded:
"The Gridsure authentication mechanism remains largely unproven. Studies so far are flawed or taken out of context; my own initial studies indicate further weaknesses."
The introduction to Dr Bond's paper states: "This document is not intended to be a fully representative or balanced appraisal of the scheme."
Usability
University College London undertook an independent usability trial.
This pilot study was carried out by the Department of Human Centered Systems/Department of Computer Science under the direction of Angela Sasse, Professor of Human-Centred Technology. With a background in Human-Computer Interaction, Prof. Sasse has been carrying out research since 1996 to develop a user-centred perspective on security, privacy and trust. She has investigated the usability and effectiveness of a number of security mechanisms, including passwords and biometrics. She contributed a review to the 2004 Foresight report on Cybertrust and Crime Prevention, and was appointed a Specialist Advisor to the Home Affairs Committee for its enquiry into the proposed introduction of ID cards. She currently serves on the Biometrics Advisory Group, an independent expert panel that advises the Home Office, and chairs the DTI Knowledge Transfer Network (KTN) on Human Vulnerabilities in Network Security.
The key objectives of this pilot study were to:
- see how easily people could learn to use GrIDsure;
- see how well they could recall the process after an extended period of time.
Fifty (50) subjects were chosen of varying age and ability (six were over the age of 60). The trial was carried out on Windows PDAs with ‘soft’ keyboards and no colour on the grid (making the process more difficult than would occur in a real-life situation). A standard 5x5 grid was used and after first usage, subsequent checks were taken at periods of a few hours up to 11 weeks.
The key results of the study were:
- “All participants grasped the notion quickly and easily”. All but two managed to use it first time and the remainder managed it with a little additional explanation.
- On subsequent tests, whilst some people were unsure of the process the vast majority nevertheless still managed to complete the task successfully.
- “There was a high level of success overall in entering the correct number sequence” (93.84%).
- Excluding the first time, on subsequent use with elapsed times up to 36.9 days, success rates remained high (92.63%).
In a covering letter to the study report, Professor Sasse states:
"Having looked at many mechanisms which have been proposed in recent years to overcome users' problems with PINs and passwords, this is the first one that has the potential to offer good usability and increased security at the same time."
External links
- GrIDsure The company website
- The Institute of Engineering & Technology Grid Expectations
- The Register UK start-up tackles PIN fraud with patterns
- Info Security Magazine Card issuer to adopt graphical Pin randomiser
- Computing.co.uk banks seek fraud solutions
- Cambridge Evening News ID system the "perfect solution" to fight fraud
- The Guardian Unlimited Pick a pattern, not a PIN
- The Sunday Times Sudoku-style codes planned to defeat bank fraudsters
- French Wikipedia article: GridSure