Could The Emoji Replace The PIN?

The good people at Intelligent Environments say they can do better for security with their Emoji-based passcode system than the traditional numbers-based system. Why? Greater variety of potential combinations – there are more potential combinations of the 44 emojis than there are of the numbers 0-10.

And, they say, those passcodes are actually likely to be easier for users to remember since images tends to stick in the human mind somewhat better than strings of numbers and letters (especially if that string is random, which most security experts recommend in the hopes of making it harder to crack). If company reports are accurate, some digital banks have already expressed interest in the idea.

“Why can’t financial service be fun and innovative?” asked David Webber, managing director of Intelligent Environment, who noted the system is meant to appeal to younger users (those between the ages of 15 and 25).

“It’s just another method of logging in. I don’t think it’s patentable. But I do think we are the first people to have thought of it,” he told BBC.

So is this the shape of things to come in cybersecurity?

Cybersecurity expert Professor Alan Woodward said that in some sense this is the shape of things right now, since the use of patterns and images as opposed to letters and numbers has already been employed by some firms as a useful alternative.

“I think this is an interesting and potentially valuable step forward,” he noted. “If we persist in using passwords, which seem to be here for a while yet, we need to recognize how humans think and make these as easy to remember as possible. The combinations and permutations present a would-be hacker with having to run through a number of cycles that is even greater than they do for so-called dictionary attacks.”

However, Woodward did note that hackers are a shockingly resilient and adaptable group.

“But I’m sure there are hackers who will work on breaking into these systems, so I think it still makes sense to have some sort of two-factor authentication.”

And, as it turns out, this offers a chance for a system that is easier to break. People may be hardwired to remember pictures, but memory champion Michael Tipper told BBC that people will always find the easier way to generate something they are supposed to remember.

“Statistically it will be harder to crack – but if you’re presented with a screen of emojis and you can’t be bothered to remember a sequence, you’re going to pick the ones in the four corners or the top row – and then you are left with an equally insecure technology.”


To check out what else is HOT in the world of payments, click here.


Latest Insights: 

Our data and analytics team has developed a number of creative methodologies and frameworks that measure and benchmark the innovation that’s reshaping the payments and commerce ecosystem. Check out our April 2019 Unattended Retail Report. 



To Top