Shoulder surfing is when an attacker watches a user enter a password or pin number. As a key punch door only requires a pin number which means anyone with the pin number has access and is susceptible to shoulder surfing. By replacing the key punch with a proximity reader shoulder surfing is not an issue as the proximity reader will require the attacker to also have a physical token to gain access. Tailgating is when an attacker enters an open door before it closes (after an authorized user opens). This can only be mitigated by user training and man traps.
In computer security, shoulder surfing is a type of social engineering technique used to obtain information such as personal identification numbers (PINs), passwords and other confidential data by looking over the victim's shoulderThis attack can be performed either at close range (by directly looking over the victim's shoulder) or from a longer range, for example by using a pair of binoculars or similar hardware To implement this technique attackers do not require any technical skills keen observation of victims' surroundings and the typing pattern is sufficient Crowded places are the more likely areas for an attacker to shoulder surf the victim