A duress code is a covert distress signal used by an individual who is being coerced by one or more hostile persons. It is used to warn others that they are being forced to do something against their will. Typically, the warning is given via some innocuous signal embedded in normal communication, such as a code-word or phrase spoken during conversation to alert other personnel. Alternatively, the signal may be incorporated into the authentication process itself, typically in the form of a panic password, distress password, or duress PIN that is distinct from the user's normal password or PIN. These concepts are related to a panic alarm and often achieve the same outcome.
An alarm system with a keypad; entering the duress code and pressing OFF disarms the system normally but notifies police.
Some home and property alarm systems have duress PINs, where the last two digits of the reset code are switched around. Entering the code when under duress from an assailant can trigger a silent alarm, alerting police or security personnel in a covert manner. The implementation of this feature has not been without controversy, as it has been claimed to lead to false alarms.[1] A similar mechanism, SafetyPIN, has been proposed for use in ATMs. In 2010, the Federal Trade Commission issued a report studying the viability of such mechanisms for ATMs.[2] They noted duress PINs have never been actually implemented in any ATM, and conclude that the costs of deployment outweighs the likelihood they will actually deter criminal activity.
When a duress PIN is used to trigger a silent alarm, an adversary can always request the PIN in advance and ensure the appropriately modified PIN is entered instead. If the adversary does not know which PIN is correct, they may choose randomly between the two possible codes allowing them to succeed half of the time.[3]
In scenarios where a panic password is used to limit access control, instead of triggering an alarm, it is insufficient to have a single panic password. If the adversary knows the system, a common assumption, then they will simply force the user to authenticate twice using different passwords and gain access on at least one of the two attempts. More complex panic password schemes have been proposed to address this problem.[3][4]
For cases where verbal communication (e.g. via cell phone) is possible with family member or friend, a covert phrase can be used to signal duress. In the slim chance that a captor allows the person in duress to use their cell phone (e.g. to obtain a PIN), there is a limited opportunity to use a duress code. Because conversations are often being monitored by a captor, they must be subtle and short. Ideally, the use of a duress code has been confirmed before the current situation, so the family member or friend has verifiable evidence that something is wrong, and when the authorities are notified aren't just limited to speculation. Examples would include asking about someone (or something) who does not exist. For example, a person might use "What is Cindy barking at?" if she knows that either the dog has a different name or that there is no dog. Another example, which is also an widely shared urban legend, would be a person calling 911 for help and pretending to order pizza delivery.[5] While generally taken as an urban legend, this did happen in Brazil.[6]
In addition to a duress code, there is duress activity. This may include the duressed individual withdrawing cash from an ATM using a specific credit card, instead of using their debit card. Many credit card companies allow for email alerts to be set up when specific activity occurs. There are technical issues that could pose problems, such as a delay in notification, cellular network availability, and the fact that a location is not disclosed, only the activity.
Civilian and commercial aircraft can use transponder code 7500 as a duress code to indicate hijacking.[7][8] Airlines maintain a verbal hijack code, as well.[9]
Military usage
A World War II duress code was used over the telephone by SOE agents in occupied Europe, and involved giving a coded answer when someone checked whether it was convenient to visit a safe-house. If it was genuinely safe to visit, the answer would be "No, I'm too busy." However, if the safe-house had been compromised (e.g. the Nazis had captured it, forcing the occupants to answer the phone at gunpoint in order to lure in other members of the SOE network) the captured agent would say "Yes, come on over." Having been warned that the safe-house had been compromised, the other agent would hang up the phone and immediately inform his team-members so that they could take appropriate action. Typically, this meant using escape and evasion procedures, before the captured agent was tortured by the Gestapo and forced to give incriminating information such as names and addresses.[citation needed]
In a major Cold War incident in 1968, the US Navy ship USS Pueblo was attacked and captured by North Korean forces, and the crew was abused and tortured during the subsequent 11 months. During that period, the North Koreans used the US crew for propaganda purposes, but the crew signaled their duress situation by secretly giving them "the finger" in staged photos.[10] Admiral Jeremiah Denton became famous for blinking out the word "TORTURE" in Morse code during a propaganda television broadcast when he was captured by North Vietnamese forces.
See also
Between Silk and Cyanide, a book by cryptographer Leo Marks describing, among other things, the misuse of duress radio codes by the OSS in World War II, leading to the capture of Dutch resistance agents
^(PDF). Archived from the original (PDF) on 2007-04-11. Retrieved 2007-03-17.{{cite web}}: CS1 maint: archived copy as title (link)
^"FTC Issues Report On Emergency Technology for Use With ATMs". Federal Trade Commission. 2010-05-07. Retrieved 2021-11-05.
^ abJ. Clark and U. Hengartner. Panic Passwords: Authenticating under duress 2013-07-22 at the Wayback Machine. USENIX Hot Topics in Security (HotSec) 2008
^Stefanov, Emil; Atallah, Mikhail (October 8, 2010). "Duress detection for authentication attacks against multiple administrators". Proceedings of the 2010 ACM workshop on Insider threats - Insider Threats '10. Association for Computing Machinery. pp. 37–46. doi:10.1145/1866886.1866895. ISBN9781450300926. S2CID 14679137 – via ACM Digital Library.
^"FACT CHECK: In Case of Intruder, Should You Ask 911 for a Pizza?". Snopes.com.
^"Ouça áudio de mulher que ligou para a PM e fingiu pedir pizza para denunciar violência doméstica". G1.
^Transport Canada (20 May 2010). "TP 14371 — Transport Canada Aeronautical Information Manual (TC AIM) RAC 1.9 Transponder Operation". Retrieved 21 August 2010.
^US Department of Transportation, Federal Aviation Administration. "JO 7110.66D, National Beacon Code Allocation Plan". US Government. Retrieved 26 April 2012.
^"CNN Transcripts". CNN. 15 March 2014. Retrieved 19 March 2014. ...every airline trains on a verbal hijack code...
^Stu, Russell. . USS Pueblo Veteran's Association. Archived from the original on 1 October 2010. Retrieved 30 September 2010. The finger became an integral part of our anti-propaganda campaign. Any time a camera appeared, so did the fingers.
External links
FTC Report On Emergency Technology For Use With ATMs
Duress Detection for Authentication Attacks Against Multiple Administrators
Military Access Control
January 07, 2023
duress, code, confused, with, dress, code, duress, code, covert, distress, signal, used, individual, being, coerced, more, hostile, persons, used, warn, others, that, they, being, forced, something, against, their, will, typically, warning, given, some, innocu. Not to be confused with Dress code A duress code is a covert distress signal used by an individual who is being coerced by one or more hostile persons It is used to warn others that they are being forced to do something against their will Typically the warning is given via some innocuous signal embedded in normal communication such as a code word or phrase spoken during conversation to alert other personnel Alternatively the signal may be incorporated into the authentication process itself typically in the form of a panic password distress password or duress PIN that is distinct from the user s normal password or PIN These concepts are related to a panic alarm and often achieve the same outcome Contents 1 Civilian usage 2 Military usage 3 See also 4 References 5 External linksCivilian usage Edit An alarm system with a keypad entering the duress code and pressing OFF disarms the system normally but notifies police Some home and property alarm systems have duress PINs where the last two digits of the reset code are switched around Entering the code when under duress from an assailant can trigger a silent alarm alerting police or security personnel in a covert manner The implementation of this feature has not been without controversy as it has been claimed to lead to false alarms 1 A similar mechanism SafetyPIN has been proposed for use in ATMs In 2010 the Federal Trade Commission issued a report studying the viability of such mechanisms for ATMs 2 They noted duress PINs have never been actually implemented in any ATM and conclude that the costs of deployment outweighs the likelihood they will actually deter criminal activity When a duress PIN is used to trigger a silent alarm an adversary can always request the PIN in advance and ensure the appropriately modified PIN is entered instead If the adversary does not know which PIN is correct they may choose randomly between the two possible codes allowing them to succeed half of the time 3 In scenarios where a panic password is used to limit access control instead of triggering an alarm it is insufficient to have a single panic password If the adversary knows the system a common assumption then they will simply force the user to authenticate twice using different passwords and gain access on at least one of the two attempts More complex panic password schemes have been proposed to address this problem 3 4 For cases where verbal communication e g via cell phone is possible with family member or friend a covert phrase can be used to signal duress In the slim chance that a captor allows the person in duress to use their cell phone e g to obtain a PIN there is a limited opportunity to use a duress code Because conversations are often being monitored by a captor they must be subtle and short Ideally the use of a duress code has been confirmed before the current situation so the family member or friend has verifiable evidence that something is wrong and when the authorities are notified aren t just limited to speculation Examples would include asking about someone or something who does not exist For example a person might use What is Cindy barking at if she knows that either the dog has a different name or that there is no dog Another example which is also an widely shared urban legend would be a person calling 911 for help and pretending to order pizza delivery 5 While generally taken as an urban legend this did happen in Brazil 6 In addition to a duress code there is duress activity This may include the duressed individual withdrawing cash from an ATM using a specific credit card instead of using their debit card Many credit card companies allow for email alerts to be set up when specific activity occurs There are technical issues that could pose problems such as a delay in notification cellular network availability and the fact that a location is not disclosed only the activity Civilian and commercial aircraft can use transponder code 7500 as a duress code to indicate hijacking 7 8 Airlines maintain a verbal hijack code as well 9 Military usage EditA World War II duress code was used over the telephone by SOE agents in occupied Europe and involved giving a coded answer when someone checked whether it was convenient to visit a safe house If it was genuinely safe to visit the answer would be No I m too busy However if the safe house had been compromised e g the Nazis had captured it forcing the occupants to answer the phone at gunpoint in order to lure in other members of the SOE network the captured agent would say Yes come on over Having been warned that the safe house had been compromised the other agent would hang up the phone and immediately inform his team members so that they could take appropriate action Typically this meant using escape and evasion procedures before the captured agent was tortured by the Gestapo and forced to give incriminating information such as names and addresses citation needed In a major Cold War incident in 1968 the US Navy ship USS Pueblo was attacked and captured by North Korean forces and the crew was abused and tortured during the subsequent 11 months During that period the North Koreans used the US crew for propaganda purposes but the crew signaled their duress situation by secretly giving them the finger in staged photos 10 Admiral Jeremiah Denton became famous for blinking out the word TORTURE in Morse code during a propaganda television broadcast when he was captured by North Vietnamese forces See also EditBetween Silk and Cyanide a book by cryptographer Leo Marks describing among other things the misuse of duress radio codes by the OSS in World War II leading to the capture of Dutch resistance agents SafewordReferences Edit Archived copy PDF Archived from the original PDF on 2007 04 11 Retrieved 2007 03 17 a href Template Cite web html title Template Cite web cite web a CS1 maint archived copy as title link FTC Issues Report On Emergency Technology for Use With ATMs Federal Trade Commission 2010 05 07 Retrieved 2021 11 05 a b J Clark and U Hengartner Panic Passwords Authenticating under duress Archived 2013 07 22 at the Wayback Machine USENIX Hot Topics in Security HotSec 2008 Stefanov Emil Atallah Mikhail October 8 2010 Duress detection for authentication attacks against multiple administrators Proceedings of the 2010 ACM workshop on Insider threats Insider Threats 10 Association for Computing Machinery pp 37 46 doi 10 1145 1866886 1866895 ISBN 9781450300926 S2CID 14679137 via ACM Digital Library FACT CHECK In Case of Intruder Should You Ask 911 for a Pizza Snopes com Ouca audio de mulher que ligou para a PM e fingiu pedir pizza para denunciar violencia domestica G1 Transport Canada 20 May 2010 TP 14371 Transport Canada Aeronautical Information Manual TC AIM RAC 1 9 Transponder Operation Retrieved 21 August 2010 US Department of Transportation Federal Aviation Administration JO 7110 66D National Beacon Code Allocation Plan US Government Retrieved 26 April 2012 CNN Transcripts CNN 15 March 2014 Retrieved 19 March 2014 every airline trains on a verbal hijack code Stu Russell The Digit Affair USS Pueblo Veteran s Association Archived from the original on 1 October 2010 Retrieved 30 September 2010 The finger became an integral part of our anti propaganda campaign Any time a camera appeared so did the fingers External links EditPanic Passwords Authenticating under Duress FTC Report On Emergency Technology For Use With ATMs Duress Detection for Authentication Attacks Against Multiple Administrators False Alarm Reduction Association Military Access Control Retrieved from https en wikipedia org w index php title Duress code amp oldid 1104463892, wikipedia, wiki, book, books, library,
