GATE Problem Solution Benefits 中文 Application Threats Statistics Videos

GATE [ Graphic Access Tabular Entry ]

An Interception-resistant
Passcode Anti-theft Authentication System


User passcode choice is made, during registration, from a large set of characters that includes numbers, letters, signs and other symbols. The characters / symbols available can be customized by organizations using the GATE process.

To authenticate, after user enters user name the server renders an array of entry buttons for the user to enter passcode. Each button will have multiple characters with user pins mixed in with other symbols.

When button selection is made by a user, an observer won't know the actual passcode due to the multiple characters per button. Each subsequent rendering of buttons by the server will be unique, based on the GATE algorithm, ensuring button selection cannot simply be repeated based on button location in order to infiltrate an account.

Due to the rendering process required in order to present passcode buttons to a user, a server has to already know the passcode of the user in order to render an appropriate array of buttons.

Therefore bogus or malicious servers will not be able to render an appropriate array of buttons to a user, which allows the user to recognize whether or not the screen he is looking at is being controlled by the appropriate entity.

  • Since special symbols are part of GATE passcode by default, there is no need for the requirements of lowercase、uppercase、numbers and special characters, which makes it easier for users to create and remember their passcodes.
  • By hiding user pins among other symbols, GATE increases passcode strength exponentially.
  • The buttons are rendered with symbols of the same category in the same position, e.g. all numbers are on the upper left side of the buttons, all alphabet is on the upper right side, this speeds up button selection. Once users learn the rules of the GATE system, it's easy to use.
  • Because the GATE system is software based, it depends on the knowledge users have about their passcodes, there is no special hardware to purchase/possess, install, imitate, carry or be stolen.
  • The passcodes are stored on the server, and they are encrypted with any trusted encryption method of choice.
  • The symbols used in the GATE system are Unicode based, which is available in all modern operating systems of different platforms, therefore there is no need to upload and maintain any image.
  • The GATE system can not only be used for human to machine authentication, but it can also be used for machine to machine authentication.
  • Although the sample application is written in Java, GATE can be implemented with any preferred computer language.
  • GATE can defeat peeking、wiretapping、keylogging、phishing and dictionary attack.



This is how current password system is like :  weak  !

GATE
GATE



This is how GATE system is like :  secure  !

GATE
GATE



GATE_Benefit


GATE_Application


Cybersecurity Threats We All Face :

Know how passwords are stolen, so we can better protect them.

  • Peeking

    Peeking

  • Camcorder

    Video Recording

  • Wiretapping

    Wiretapping

  • Keylogging

    Keylogging

  • Phishing

    Phishing

  • Dictionary_Attack

    Dictionary Attack

  • Peeking

    Also known as shoulder surfing

    In computer security, shoulder surfing is a type of social engineering technique used to obtain information such as personal identification numbers (PINs), passwords and other confidential data by looking over the victim's shoulder.

    [1] This attack can be performed either at close range (by directly looking over the victim's shoulder) or from a longer range, for example by using a pair of binoculars or similar hardware.

    [2] To implement this technique attackers do not require any technical skills; keen observation of victims' surroundings and the typing pattern is sufficient.

    Crowded places are the more likely areas for an attacker to shoulder surf the victim. In the early 1980s, shoulder surfing was practiced near public pay phones to steal calling card digits and make long distance calls or sell them in the market.

  • Video Recording

    Use long distance or hidden camera

    The advent of modern-day technologies like long distance or hidden cameras makes a hacker's job easier and gives more scope for the attacker to perform long range information stealing.

    A hidden camera allows the attacker to capture whole login process and other confidential data of the victim, which ultimately could lead to financial loss or identity theft.

    Apart from threats to password or PIN entry, hidden camera also occurs in daily situations to uncover private content on handheld mobile devices; stolen visual content can leak sensitive information and even private information about third-parties.

  • Wiretapping

    Also known as a bug on the wire

    Wiretapping is the surreptitious electronic monitoring of telephone, telegraph, cellular, fax or Internet-based communications.

    Wiretapping is achieved either through the placement of a monitoring device informally known as a bug on the wire in question or through built-in mechanisms in other communication technologies. A wire maybe tapped into either for live monitoring or recording.

    Packet sniffers -- programs used to capture data being transmitted on a network -- are a commonly-used modern-day wiretapping tool. A variety of other tools, such as wiretap Trojans, are used for different applications.

  • Keylogging

    Also known as keystroke logging or system monitoring

    Keylogging is a type of surveillance technology used to monitor and record each keystroke typed on a specific computer's keyboard. Keylogger software is also available for use on smartphones, such as Apple's iPhone and Android devices.

    Keyloggers are often used as a spyware tool by cybercriminals to steal personally identifiable number (PIN), login credentials and sensitive enterprise data.

    A hardware-based keylogger is a small device that serves as a connector between the computer keyboard and the computer. The device is designed to resemble an ordinary keyboard PS/2 connector, part of the computer cabling or a USB adaptor, making it relatively easy for someone who wants to monitor a user's behavior to hide such a device.

  • Phishing

    Phishing is an example of social engineering

    Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.

    The word is a neologism created as a homophone of fishing due to the similarity of using a bait try to catch a victim.

    Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter personal information at a fake website, the look and feel of which are identical to the legitimate site, the only difference being the URL of the website in concern. Communications purporting to be from social web sites, auction sites, banks, online payment processors or IT administrators are often used to lure victims. Phishing emails may contain links to websites that distribute malware.

  • Dictionary Attack

    Is a type of brute force attack

    In cryptanalysis and computer security, a dictionary attack is a method of hacking into a password-protected computer or server by systematically entering every word in a dictionary as a password in an attempt to find the right one.

    Dictionary attacks are often successful because many users and businesses use ordinary words as passwords. These ordinary words are easily found in a dictionary, such as an English dictionary.

    There are many softwares available in the online market which can perform dictionary attacks.

    After all, the easiest way to attack a system is through the front door, and there must be some way to log in, therefore a hacker will try every possibility to get in.

Threats

Cybersecurity Statistics No One Can Ignore :

  • Hacked passwords cause :

    81 %
    of data breaches

  • Every :

    11 seconds
    there is a hacker attack

  • Cyber crime damage costs to hit :

    $11 trillion
    annually by 2025

  • Cybersecurity spending to exceed :

    $1 trillion
    from 2017 to 2021

  • The average cost of a data breach is :

    $5 million
    as of 2024

  • Cybercrime Up :

    600 %
    Due To COVID-19 Pandemic

Weak passwords and phishing offer far easier mechanisms for breaking into most organizations than exploiting software vulnerabilities. A study by a US cybersecurity firm based on 100 penetration tests and 450 real-world attacks discovered that stolen credentials offer the best way into enterprise networks.

Videos :


Weaknesses And Inconvenience Of Current Authentication Systems
Keypad Pins Easily Stolen

Keypad Pins Easily Stolen
How To Steal Passwords

How To Steal Passwords
How Keylogger Works

How Keylogger Works
How Password Is Leaked

How Password Is Leaked
007 Fakes Fingerprint

007 Fakes Fingerprint
Deal With Iris Scanning

Deal With Iris Scanning
Multi-factor Leaks Info

Multi-factor Leaks Info
Snowden on Passwords

Snowden on Passwords
Password Requirements !

Password Requirements !
Do You Feel The Pain ?!

Do You Feel The Pain ?!



How The GATE System Can Be Easy To Use And Yet More Secure
Traditional vs GATE

Traditional vs GATE
GATE Passcode

GATE Passcode
How GATE Works

How GATE Works
GATE Demo Time Is 29:20

GATE Demo Time Is 29:20
GATE Advantage

GATE Advantage