Times have changed, we are now in the 21-century, yet we're still using the age old password system, hackers now have state-of-the-art tools to steal our passwords, we also need better ways to protect ourselves, we need to be a few steps ahead of the hackers. The fact that accounts with traditional passwords will be hacked is a matter of "when" not "if", they are just one hidden camera/keylogger/phishing attempt away from being compromised. Let's wake up to the cruel reality, rather than pretending not to see it by playing ostrich, hackers will see what you don't want to see [ weakness in traditional passwords ] and take advantage of it, a chain is only as strong as its weakest link ! Let's face it and fix this weak link !
As of July 2020, there are 15 Billion Credentials Currently Up for Grabs on Hacker Forums [ https://threatpost.com/15-billion-credentials-currently-up-for-grabs-on-hacker-forums/157247/ ] . World population is now 7.8 Billion, if you take out half of it from poor countries that don't have a lot of computers, there will be around 4 Billion left in developed countries with computers and online accounts, so that means averagely speaking, we all have 3 or 4 accounts breached !
In this video [ https://www.youtube.com/embed/moTGl6NZk9o?autoplay=1&start=1014 ] you can see how hackers intercepted user passwords from far away, which seems like a safe distance from the user, yet the hackers were able to figure out user passwords by looking at their finger movements and analyze the data to steal the passwords.
What it does
GATE is a revolutionary password/passcode entry process that retains account security even in situations where potential intruders witness the entries being made. Based on user password choice, server renders password entry buttons/tokens on a screen, rendering multiple characters per button. When button selection is made by a user there is no way for an observer to know the actual password due to the multiple characters per button. This makes GATE an interception-resistant authentication system which increases passcode strength exponentially.
Each subsequent rendering of buttons by the server will be unique, based on the GATE algorithm, ensuring button selection cannot simply be repeated based on button location in order to infiltrate an account. Due to the rendering process required in order to present password buttons to a user, a server has to already know the password of the user in order to render an appropriate array of buttons. Therefore bogus or malicious servers will not be able to render an appropriate array of buttons to a user, which allows the user to recognize whether or not the screen he is looking at is being controlled by the appropriate body. In traditional password system, server authenticates user, yet with GATE, user also authenticates server, therefore defeat phishing by design.
GATE can use short and easy to remember passcodes to defeat peeking, wiretapping, keylogging, phishing and dictionary attack without the restrictions of lowercase, uppercase, numbers & special characters !
Fixed passwords have the advantage of easy to remember, one time passwords have the advantage of hard to hack, GATE passcode is a fixed passcode to the user, but from the hackers' perspective, it changes every time, GATE passcodes have the best of both worlds, short [ 3 to 6 digit ] and easy to remember, yet secure and hard to hack.
How I built it
Java , Android
Challenges I ran into
Learn the Android system.
Accomplishments that I'm proud of
I've received 2 US patents, one for GATE authentication [ user login ], another one for GATE encryption [ massage/data encryption ], and I've also applied for PCT international patents in 50 nations.
GATE has won 6 international cyber security innovation awards : https://gatecybertech.com/gate.html#awards
It has also won high praises from cyber security experts : https://gatecybertech.com/gate_feedbacks.html#feedbacks
What I learned
Think like hackers in order to defeat them.
What's next for GATE _Android
Let everybody enjoy a safer digital world.