Cashtags: Prevent Leaking Sensitive Information through Screen Display
Mobile computing is the new norm. As people feel increasingly comfortable computing in public places such as coffee shops and transportation hubs, the risk of exposing sensitive information increases. While solutions exist to guard the communication channels used by mobile devices, the visual channel remains, to a significant degree, open. These solutions aim only to prevent the visual leakage of password entries. However, once the uses has been successfully authenticated, all accessed sensitive information is displayed in full view. No existing mechanism allows arbitrary data to be marked as sensitive. Shoulder surfing is becoming a viable threat in a world where sensitive information from images can be extracted with modest computing power.
In response, we present Cashtags: a system to defend against attacks on mobile devices based on visual observations. The system allows users to access sensitive information in public without the fear of visual leaks. This is accomplished by intercepting sensitive data elements before they are displayed on screen, then replacing them with non-sensitive information. In addition, the system provides a means of computing with sensitive data in a non-observable way.