Skip to main content
SpringerLink
Log in

Authentication of Choice on Mobile Devices: A Preliminary Investigation

  • Conference paper
  • First Online:
HCI International 2020 - Late Breaking Papers: User Experience Design and Case Studies (HCII 2020)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 12423))

Included in the following conference series:

  • 1645 Accesses

Abstract

Authentication is a security measure designed to allow authorized users to use the system securely with minimum interference on the usability of the system. Although numerous user studies had examined various authentication methods such as traditional alphanumeric password, graphical password, and biometrics, very limited research investigated users’ performance and preference when they were allowed to choose the authentication method(s) of their choice for a specific application. This study was conducted as an initial attempt to fill in that gap. We developed a mobile application called the ‘Event manager’ that offers calendar and file management functions. Regarding the authentication, the ‘Event manager’ app provides users the freedom to choose their preferred authentication method(s) among five commonly adopted authentication mechanisms. We conducted an empirical user study with a ‘within-group’ design to investigate users’ initial interaction with three different types of authentication processes: alphanumeric passwords, one-factor authentication of choice, and two-factor authentication of choice. 75 participants completed the study. The result of the study will help understand users’ general perception regarding the ‘authentication of choice’ approach as well as their preferred authentication method or combination of methods in the context of mobile devices.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  • Aviv, A.J., Gibson, K., Mossop, E., Blaze, M., Smith, J.M.: Smudge attacks on smartphone touch screens. In: Proceedings of the 4th USENIX Conference on Offensive Technologies, pp 1–7. USENIX Association, Berkeley (2010). http://dl.acm.org/citation.cfm?id=1925004.1925009

  • Banyal, R.K., Jain, P., Jain, V.K.: Multi-factor authentication framework for cloud computing. In: Proceedings of the Fifth International Conference on Computational Intelligence, Modelling and Simulation (CIMSim), Seoul, Korea, 24–25 September 2013, pp. 105–110 (2013)

    Google Scholar 

  • Beautement, A., Sasse, M.A., Wonham, M.: The compliance budget: managing security behavior in organizations. In: Proceedings of the Workshop on New Security Paradigms, pp. 47–58 (2010). https://doi.org/10.1145/1595676.1595684

  • Belk, M., Fidas, C., Germanakos, P., Samaras, G.: Security for diversity: studying the effects of verbal and imagery processes on user authentication mechanisms. In: Kotzé, P., Marsden, G., Lindgaard, G., Wesson, J., Winckler, M. (eds.) INTERACT 2013. LNCS, vol. 8119, pp. 442–459. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40477-1_27

    Chapter  Google Scholar 

  • Clarke, R.: Sufficiently Rich Model of (id)Entity, Authentication and Authorization (2010). http://www.rogerclarke.com/ID/IdModel1002.html#MAc

  • Cohen, S., Ben-Asher, N., Meyer, J.: Towards information technology security for universal access. In: Stephanidis, C. (ed.) UAHCI 2011. LNCS, vol. 6765, pp. 443–451. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21672-5_48

    Chapter  Google Scholar 

  • Cranor, L.F., Buchler, N.: Better together: usability and security go hand in hand. In: IEEE Security & Privacy, vol. 12, no. 6, pp. 89–93 (2014). https://doi.org/10.1109/msp.2014.109

  • De Cristofaro, E., Du, H., Freudiger, J., Norcie, G.: A comparative usability study of two-factor authentication. arXiv preprint arXiv:1309.5344 (2013)

  • Fairweather, P., Hanson, V., Detweiler, S., Schwerdtfeger, R.: From assistive technology to a web accessibility service. In: Proceedings of the 5th International ACM Conference on Assistive Technologies (ASSETS). pp. 4–8. ACM (2002)

    Google Scholar 

  • Gutmann, P., Grigg, I.: Security usability. IEEE Secur. Priv. 3(4), 56–58 (2005)

    Article  Google Scholar 

  • Habtamu, A.: Different Ways to Authenticate Users with the Pros and Cons of each Method, Norsk Regnesentral, Norwegian (2006)

    Google Scholar 

  • Jain, A., Ross, A., Nandakumar, K.: Introduction to Biometrics. Springer, Boston (2011). https://doi.org/10.1007/978-0-387-77326-1

    Book  Google Scholar 

  • Katsini, C., Belk, M., Fidas, C., Avouris, N., Samaras, G.: Security and usability in knowledge-based user authentication: a review (2016). https://doi.org/10.1145/3003733.3003764

  • Kemp, S.: Digital in 2017: global overview. We are social (2017). https://wearesocial.com/specialreports/digital-in-2017-global-overview

  • Konoth, R.K., van der Veen, V., Bos, H.: How anywhere computing just killed your phone-based two-factor authentication. In: Grossklags, J., Preneel, B. (eds.) FC 2016. LNCS, vol. 9603, pp. 405–421. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54970-4_24

    Chapter  Google Scholar 

  • Lampson, B.W.: Computer security in the real world. IEEE Comput. 37(6), 37–46 (2004)

    Article  Google Scholar 

  • Marcin, R., Khalid, S., Mariusz, R., Marek, T., Marcin, A.: User authentication for mobile devices. In: 12th International Conference on Information Systems and Industrial Management (CISIM), Krakow, Poland, September 2013, pp. 47–58 (2013)

    Google Scholar 

  • O’Gorman, L.: Comparing passwords, tokens, and biometrics for user authentication. Proc. IEEE 91(2003), 2021–2040 (2003)

    Article  Google Scholar 

  • Park, Y.H., et al.: A multimodal biometric recognition of touched fingerprint and finger-vein. In: 2011 International Conference on Multimedia and Signal Processing, vol. 1, pp. 247–250 (2011)

    Google Scholar 

  • Renaud, K.: Quantification of authentication mechanisms - a usability perspective. J. Web Eng. 3(2), 95–123 (2004)

    Google Scholar 

  • Sailer, R., Zhang, X., Jaeger, T., Van Doorn, L.: Design and implementation of a TCG based integrity measurement architecture. In: Proceedings of the 13th Conference on USENIX Security Symposium, SSYM 2004, vol. 13, p. 16. USENIX Association, Berkeley (2004)

    Google Scholar 

  • Mayron, L.M., Hausawi, Y., Bahr, G.S.: Secure, usable biometric authentication systems. In: Stephanidis, C., Antona, M. (eds.) UAHCI 2013. LNCS, vol. 8009, pp. 195–204. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39188-0_21

    Chapter  Google Scholar 

  • Teh, P.S., Zhang, N., Tan, S.: Strengthen user authentication on mobile devices by using user’s touch dynamics pattern. J Ambient Intell. Human Comput. (2019). https://doi.org/10.1007/s12652-019-01654-y

  • Yee, K.-P.: User interaction design for secure systems. In: Deng, R., Bao, F., Zhou, J., Qing, S. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 278–290. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-36159-6_24

    Chapter  Google Scholar 

  • Zakaria, N.H., Grifths, D., Brostof, S., Yan, J.: Shoulder surfing defense for recall-based graphical passwords. In: Proceedings of the Seventh Symposium on Usable Privacy and Security, pp. 6:1– 6:12. ACM, New York (2011). https://doi.org/10.1145/2078827.2078835

Download references

Acknowledgements

We would like to thank Edward Miklewski for his assistance in data collection. We also want to thank all the participants.

Author information

Authors and Affiliations

  1. Towson University, Towson, USA

    Akintunde Jeremiah Oluwafemi & Jinjuan Heidi Feng

Authors
  1. Akintunde Jeremiah Oluwafemi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jinjuan Heidi Feng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Akintunde Jeremiah Oluwafemi or Jinjuan Heidi Feng .

Editor information

Editors and Affiliations

  1. University of Crete and Foundation for Research and Technology – Hellas (FORTH), Heraklion, Crete, Greece

    Constantine Stephanidis

  2. Aaron Marcus and Associates, Berkeley, CA, USA

    Aaron Marcus

  3. World Usability Day and Bentley User Experience Center, Newton Center, MA, USA

    Elizabeth Rosenzweig

  4. Tsinghua University, Beijing, China

    Pei-Luen Patrick Rau

  5. San Jose State University, San Jose, CA, USA

    Abbas Moallem

  6. Eindhoven Univesity of Technology, Eindhoven, Noord-Brabant, The Netherlands

    Matthias Rauterberg

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Oluwafemi, A.J., Feng, J.H. (2020). Authentication of Choice on Mobile Devices: A Preliminary Investigation. In: Stephanidis, C., Marcus, A., Rosenzweig, E., Rau, PL.P., Moallem, A., Rauterberg, M. (eds) HCI International 2020 - Late Breaking Papers: User Experience Design and Case Studies. HCII 2020. Lecture Notes in Computer Science(), vol 12423. Springer, Cham. https://doi.org/10.1007/978-3-030-60114-0_49

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-60114-0_49

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-60113-3

  • Online ISBN: 978-3-030-60114-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation