{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,19]],"date-time":"2026-03-19T23:09:54Z","timestamp":1773961794730,"version":"3.50.1"},"reference-count":87,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2026]]},"DOI":"10.1109\/access.2026.3670319","type":"journal-article","created":{"date-parts":[[2026,3,4]],"date-time":"2026-03-04T20:51:06Z","timestamp":1772657466000},"page":"39926-39948","source":"Crossref","is-referenced-by-count":0,"title":["A Secure Augmented Reality (AR)-Based Authentication Mechanism for Automated Teller Machines"],"prefix":"10.1109","volume":"14","author":[{"given":"Md. Touhid","family":"Islam","sequence":"first","affiliation":[{"name":"Shahjalal University of Science and Technology, Sylhet, Bangladesh"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7789-9945","authenticated-orcid":false,"given":"Md Yeasin","family":"Ali","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, BRAC University, Dhaka, Bangladesh"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-2581-883X","authenticated-orcid":false,"given":"Md. Ishmam","family":"Tasin","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, BRAC University, Dhaka, Bangladesh"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Md. Masum Alam","family":"Nahid","sequence":"additional","affiliation":[{"name":"Cryptic Consultancy Ltd., London, U.K."}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fairuz Rahaman","family":"Chowdhury","sequence":"additional","affiliation":[{"name":"Cryptic Consultancy Ltd., London, U.K."}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1021-7986","authenticated-orcid":false,"given":"Hossain","family":"Shahriar","sequence":"additional","affiliation":[{"name":"Center for Cybersecurity and AI, University of West Florida, Pensacola, FL, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9902-6291","authenticated-orcid":false,"given":"Farida","family":"Chowdhury","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, BRAC University, Dhaka, Bangladesh"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6740-4216","authenticated-orcid":false,"given":"S. M. Taiabul","family":"Haque","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, BRAC University, Dhaka, Bangladesh"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8361-4870","authenticated-orcid":false,"given":"Md Sadek","family":"Ferdous","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, BRAC University, Dhaka, Bangladesh"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"issue":"5","key":"ref1","first-page":"95","article-title":"A review on authentication methods","volume":"7","author":"Idrus","year":"2013","journal-title":"Austral. J. Basic Appl. Sci."},{"key":"ref2","volume-title":"Found on ATM in Andheri: Card Data Copier, Camera to Watch PIN","year":"2024"},{"key":"ref3","article-title":"Investigation of the shoulder surfing risk in relation to mobile working","author":"Goucher","year":"2018"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274702"},{"key":"ref5","volume-title":"Card Skimming and Shimming","year":"2024"},{"key":"ref6","volume-title":"Skimming","year":"2024"},{"key":"ref7","volume-title":"Terminal Related Fraud Attacks Fall in Europe","author":"Gunn","year":"2023"},{"key":"ref8","volume-title":"U.K. Cash Machine Fraud Losses 2003\u20132020 | Statista","year":"2024"},{"key":"ref9","first-page":"1687","article-title":"Hand me your PIN! Inferring ATM PINs of users typing with a covered hand","volume-title":"Proc. 31st USENIX Secur. Symp. (USENIX Secur.)","author":"Cardaioli"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.2753\/mis0742-1222240302"},{"key":"ref11","volume-title":"ProVerif","year":"2024"},{"key":"ref12","first-page":"355","article-title":"ATM security: A case study of a logical risk assessment","volume-title":"Proc. ICSEA 10th Int. Conf. Softw. Eng. Adv.","author":"Braeuer"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.25081\/jes.2020.v11.6201"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1088\/1742-6596\/1712\/1\/012007"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-015-0104-3"},{"key":"ref16","volume-title":"Message Authentication Codes (MACs)","year":"2024"},{"issue":"10","key":"ref17","doi-asserted-by":"crossref","first-page":"646","DOI":"10.5594\/J16444","article-title":"Standards","volume":"110","author":"Miller","year":"2001","journal-title":"SMPTE J."},{"key":"ref18","volume-title":"Everything You Need to Know About ATM Attacks and Fraud: Part 2 | Malwarebytes Labs","author":"Umawing","year":"2023"},{"key":"ref19","volume-title":"Introducing Orion, Our First True Augmented Reality Glasses | Meta","year":"2024"},{"key":"ref20","article-title":"A systematic review of PIN-entry methods resistant to shoulder-surfing attacks","volume":"101","author":"Binbeshr","year":"2020","journal-title":"Comput. & Secur."},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/ICWITE59797.2024.10502656"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1007\/s10015-023-00890-y"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/3334480.3382827"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/TIM.2023.3241081"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.23919\/ICITST51030.2020.9351349"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/VRW62533.2024.00016"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.3390\/s21062242"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/ICSEC47112.2019.8974686"},{"issue":"2","key":"ref29","first-page":"65","article-title":"Usability evaluation of randomized keypad","volume":"5","author":"Ryu","year":"2010","journal-title":"J. Usability Stud."},{"key":"ref30","first-page":"1","article-title":"RandomPad: Usability of randomized mobile keypads for defeating inference attacks","volume-title":"Proc. IEEE Euro S&P Workshop Innov. Mobile Privacy & Secur. (IMPS)","author":"Maiti"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/3568444.3568450"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/PERCOMW.2017.7917636"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2017.7997251"},{"key":"ref34","article-title":"A framework for describing alternative keyboard structures in augmented reality","volume-title":"Proc. 23rd Annu. Conf. Southern Assoc. Inf. Syst.","author":"Reed"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-99-9811-1_41"},{"issue":"1","key":"ref36","first-page":"5","article-title":"Improvement of a PIN-entry method resilient to shoulder-surfing and recording attacks in ATM","volume":"2","author":"Preema","year":"2018","journal-title":"Invention J. Res. Technol. Eng. Manage. (IJRTEM)"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/3175684.3175706"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/ICSTEM61137.2024.10560717"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/3678573"},{"key":"ref40","volume-title":"Threat Modeling: Designing for Security","author":"Shostack","year":"2014"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1016\/B978-1-59-749951-4.00007-2"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2021.03.011"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-016-2317-5"},{"key":"ref44","volume-title":"React Native \u22c5 Learn Once, Write Anywhere","year":"2024"},{"key":"ref45","volume-title":"Overview","year":"2024"},{"key":"ref46","volume-title":"React","year":"2024"},{"key":"ref47","volume-title":"Node.js\u2014Run JavaScript Everywhere","year":"2024"},{"key":"ref48","volume-title":"Express-Node.js Web Application Framework","year":"2024"},{"key":"ref49","volume-title":"Financial Transaction card Originated Messages\u2013Interchange Message Specifications\u2014Part 1: Messages, Data Elements and Code Values","year":"2024"},{"key":"ref50","volume-title":"Fisher-Yates Shuffle","year":"2023"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1145\/272991.272995"},{"key":"ref52","volume-title":"Encrypting PIN Pad (EPP)","year":"2024"},{"key":"ref53","volume-title":"Home-SIZ GmbH-EBICS.org","year":"2024"},{"key":"ref54","volume-title":"ISO 20022: Standards | Swift","year":"2024"},{"key":"ref55","volume-title":"Fisher\u2013Yates Shuffle-Wikipedia","year":"2025"},{"key":"ref56","article-title":"Verifying the Fisher-yates shuffle algorithm in dafny","author":"Zetzsche","year":"2025","journal-title":"arXiv:2501.06084"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1137\/s0097539793244708"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1145\/73007.73009"},{"key":"ref59","volume-title":"Leftover Hash Lemma","year":"2024"},{"key":"ref60","volume-title":"Universal Hash Families and the Leftover Hash Lemma, and Applications to Cryptography and Computing","author":"Stinson","year":"2001"},{"key":"ref61","volume-title":"Leftover Hash Lemma-Wikipedia","year":"2025"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1201\/9781420057607-14"},{"key":"ref63","volume-title":"Monte Carlo Simulation","year":"2024"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134609"},{"key":"ref65","first-page":"5449","article-title":"Eye-shield: Real-time protection of mobile device screen information from shoulder surfing","volume-title":"Proc. 32nd USENIX Secur. Symp. (USENIX Secur.)","author":"Tang"},{"key":"ref66","volume-title":"Audit ATM-Replay Attack-Hacking Lab","year":"2024"},{"key":"ref67","first-page":"5","article-title":"ProVerif 2.00: Automatic cryptographic protocol verifier, user manual and tutorial","volume":"16","author":"Blanchet","year":"2018","journal-title":"Version From"},{"issue":"3","key":"ref68","doi-asserted-by":"crossref","first-page":"319","DOI":"10.2307\/249008","article-title":"Perceived usefulness, perceived ease of use, and user acceptance of information technology","volume":"13","author":"Davis","year":"1989","journal-title":"MIS Quart."},{"issue":"4","key":"ref69","doi-asserted-by":"crossref","first-page":"695","DOI":"10.2307\/25148660","article-title":"User acceptance of hedonic information systems","volume":"28","author":"van der Heijden","year":"2004","journal-title":"MIS Quart."},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1007\/bf02723327"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.64"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.4236\/ijcns.2016.910034"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1109\/I2C2.2017.8321773"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCT2.2015.7292738"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1109\/CSCI.2017.11"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1109\/SECURWARE.2009.43"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1109\/ICIIECS.2015.7192993"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-10-8681-6_41"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1109\/MobileCloud.2015.16"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1109\/ICGCIoT.2018.8753042"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.1109\/ICMICA48462.2020.9242713"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.9734\/ajrcos\/2020\/v5i330135"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1145\/3396730.3396735"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1109\/ICICV62344.2024.00112"},{"key":"ref85","first-page":"949","article-title":"IoT\u2013based ATM pin entry by random word generator using design thinking framework","volume-title":"Proc. 9th Int. Conf. Adv. Comput. Commun. Syst. (ICACCS)","volume":"1","author":"Aruna"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3013212"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1109\/SWC50871.2021.00012"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/6287639\/11323511\/11421308.pdf?arnumber=11421308","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,19]],"date-time":"2026-03-19T20:08:28Z","timestamp":1773950908000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11421308\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"references-count":87,"URL":"https:\/\/doi.org\/10.1109\/access.2026.3670319","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]}}}