Visual Hacking of Unmasked Pin Codes: Low-Tech But Significant Potential Threat

As detailed in Ponemon’s recent 2016 Global Visual Hacking Experiment, visual hacking appears to be a low-tech threat, but the consequences can be as damaging as those of high-savvy cyberattacks. From Brightbox’s perspective, this threat could arise from as simple a technology solution as using “pin code as key” for mobile device charging lockers.

We think it is not paranoid to assume that visual hacking, physical spying, “eyeballing” and “shoulder surfing” security threats are all around us every day. It is pure common sense to assume that your personal data, in digital or physical form, is a bright and shiny object of desire, not just to black crows, but to hackers and thieves.

The sensitive data can be personal protected healthcare information, login credentials for e-commerce websites, company confidential info stored in the cloud, or sensitive personal financial information. Or the elemental info sought by thieves can be simple personal “pin codes” for door locks, storage or cellphone charging lockers.

Nike says: Just Do It!  Brightbox says: Just Do It Really Well!

A Brightbox example of cutting-edge technology implementation is our doubly secure “pin code as key” for secure mobile charging stations. Our pin code is doubly secure and masked: the user must enter a first 10-digit pin code on screen, followed by double entry of a second 5-digit code. See a previous company article on this subject:

Brightbox, Inc. is the world’s leading provider of secure smartphone charging solutions. Our cellphone charging kiosks are managed via a Linux-based platform that was developed in-house. For obvious security reasons we chose Linux over Windows. We offer either “free” or “paid” charging sessions, with a choice of 4 chamber key methods. Unlike our competition, we offer our clients and partners an “open” and protected platform for data reporting, fleet and interactive campaign management. Our technology solutions are thoughtful and cutting-edge in all aspects of physical and data security, at the levels of both kiosk and platform.

Whether it is our super strong charging station physical locks, our doubly secure on-screen pin code key methodology, our PCI-compliant end-to-end encrypted kiosk card readers for processing financial transactions (if any), the manner in which we transmit and manage data and information, or our third-party penetration-test proven kiosk and platform, we deliver strongly on our promise of safety and security. And we do this in 8 countries now.
