More Web Proxy on the site http://driver.im/

short-paper

Don't Use Fingerprint, it's Raining!: How People Use and Perceive Context-Aware Selection of Mobile Authentication

Authors:

Mohamed Khamis,

Florian AltAuthors Info & Claims

AVI '20: Proceedings of the 2020 International Conference on Advanced Visual Interfaces

Article No.: 54, Pages 1 - 5

https://doi.org/10.1145/3399715.3399823

Published: 02 October 2020 Publication History

Abstract

This paper investigates how smartphone users perceive switching from their primary authentication mechanism to a fallback one, based on the context. This is useful in cases where the primary mechanism fails (e.g., wet fingers when using fingerprint). While prior work introduced the concept, we are the first to investigate its perception by users and their willingness to follow a system's suggestion for a switch. We present findings from a two-week field study (N=29) using an Android app, showing that users are willing to adopt alternative mechanisms when prompted. We discuss how context-awareness can improve the perception of authentication reliability and potentially improve usability and security.

References

[1]

Matthias Baldauf, Sebastian Steiner, Mohamed Khamis, and Sarah-Kristin Thiel. 2019. Investigating the User Experience of Smartphone Authentication Schemes-The Role of the Mobile Context. In Proceedings of the 52nd Hawaii International Conference on System Sciences. https://hdl.handle.net/10125/59918

[2]

Rasekhar Bhagavatula, Blase Ur, Kevin Iacovino, Su Mon Kywe, Lorrie Faith Cranor, and Marios Savvides. 2015. Biometric authentication on iphone and android: Usability, perceptions, and influences on adoption. (2015). https://doi.org/10.14722/usec.2015.23003

[3]

Daniel Buschek and Florian Alt. 2015. TouchML: A Machine Learning Toolkit for Modelling Spatial Touch Targeting Behaviour. In Proceedings of the 20th International Conference on Intelligent User Interfaces (IUI '15). ACM, New York, NY, USA, 110--114. https://doi.org/10.1145/2678025.2701381

Digital Library

[4]

Daniel Buschek, Fabian Hartmann, Emanuel von Zezschwitz, Alexander De Luca, and Florian Alt. 2016. SnapApp: Reducing Authentication Overhead with a Time-Constrained Fast Unlock Option. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems (CHI '16). ACM, New York, NY, USA, 3736--3747. https://doi.org/10.1145/2858036.2858164

Digital Library

[5]

Alexander De Luca, Marian Harbach, Emanuel von Zezschwitz, Max-Emanuel Maurer, Bernhard Ewald Slawik, Heinrich Hussmann, and Matthew Smith. 2014. Now You See Me, Now You Don't: Protecting Smartphone Authentication from Shoulder Surfers. In Proceedings of the 32Nd Annual ACM Conference on Human Factors in Computing Systems (CHI '14). ACM, New York, NY, USA, 2937--2946. https://doi.org/10.1145/2556288.2557097

Digital Library

[6]

Anind K. Dey, Raffay Hamid, Chris Beckmann, Ian Li, and Daniel Hsu. 2004. A CAPpella: Programming by Demonstration of Context-aware Applications. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '04). ACM, New York, NY, USA, 33--40. https://doi.org/10.1145/985692.985697

Digital Library

[7]

Andrew Dathan Frankel and Muthucumaru Maheswaran. 2009. Feasibility of a Socially Aware Authentication Scheme. In 2009 6th IEEE Consumer Communications and Networking Conference. 1--6. https://doi.org/10.1109/CCNC.2009.4784910

[8]

Google. 2020. Choose when your Android device can stay unlocked. https://support.google.com/android/answer/9075927. Accessed 17 January 2020.

[9]

Google. 2020. Google Activity Recognition API. https://developers.google.com/android/reference/com/google/android/gms/location/ActivityRecognitionClient. Accessed 17 January 2020.

[10]

Marian Harbach, Alexander De Luca, and Serge Egelman. 2016. The Anatomy of Smartphone Unlocking: A Field Study of Android Lock Screens. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems (CHI '16). ACM, New York, NY, USA, 4806--4817. https://doi.org/10.1145/2858036.2858267

Digital Library

[11]

Eiji Hayashi, Sauvik Das, Shahriyar Amini, Jason Hong, and Ian Oakley. 2013. CASA: Context-aware Scalable Authentication. In Proceedings of the Ninth Symposium on Usable Privacy and Security (SOUPS '13). ACM, New York, NY, USA, Article 3, 10 pages. https://doi.org/10.1145/2501604.2501607

Digital Library

[12]

Eiji Hayashi and Jason Hong. 2011. A Diary Study of Password Usage in Daily Life. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '11). ACM, New York, NY, USA, 2627--2630. https://doi.org/10.1145/1978942.1979326

Digital Library

[13]

Markus Jakobsson, Elaine Shi, Philippe Golle, and Richard Chow. 2009. Implicit Authentication for Mobile Devices. In Proceedings of the 4th USENIX Conference on Hot Topics in Security (HotSec'09). USENIX Association, Berkeley, CA, USA, 9--9. http://dl.acm.org/citation.cfm?id=1855628.1855637

Digital Library

[14]

Andre Kalamandeen, Adin Scannell, Eyal de Lara, Anmol Sheth, and Anthony LaMarca. 2010. Ensemble: Cooperative Proximity-based Authentication. In Proceedings of the 8th International Conference on Mobile Systems, Applications, and Services (MobiSys '10). ACM, New York, NY, USA, 331--344. https://doi.org/10.1145/1814433.1814466

Digital Library

[15]

Mohamed Khamis, Florian Alt, Mariam Hassib, Emanuel von Zezschwitz, Regina Hasholzner, and Andreas Bulling. 2016. GazeTouchPass: Multimodal Authentication Using Gaze and Touch on Mobile Devices. In Proceedings of the 2016 CHI Conference Extended Abstracts on Human Factors in Computing Systems (CHI EA '16). ACM, New York, NY, USA, 2156--2164. https://doi.org/10.1145/2851581.2892314

Digital Library

[16]

René F. Kizilcec. 2016. How Much Information?: Effects of Transparency on Trust in an Algorithmic Interface. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems (CHI '16). ACM, New York, NY, USA, 2390--2395. https://doi.org/10.1145/2858036.2858402

Digital Library

[17]

Yuk L Li and Padmaja Ramadas. 2012. Context aware biometric authentication. US Patent 8,255,698.

[18]

Ahmed Mahfouz, Ildar Muslukhov, and Konstantin Beznosov. 2016. Android users in the wild: Their authentication and usage behavior. Pervasive and Mobile Computing 32 (2016), 50--61. https://doi.org/10.1016/j.pmcj.2016.06.017 Mobile Security, Privacy and Forensics.

[19]

George Musumba and Henry Nyongesa. 2013. Context awareness in mobile computing: A review. International Journal of Machine Learning and Applications 2, 1 (2013), 5. https://doi.org/10.4102/ijmla.v2i1.5

[20]

Amirhossein Naghshzan and Akshay Pathak. 2020. Lock-Screen. https://github.com/amirarcane/lock-screen. Accessed 17 January 2020.

[21]

Michele Nappi, Stefano Ricciardi, and Massimo Tistarelli. 2018. Context awareness in biometric systems and methods: State of the art and future scenarios. Image and Vision Computing 76 (2018), 27--37. https://doi.org/10.1016/j.imavis.2018.05.001

[22]

Jakob Nielsen. 1994. Enhancing the Explanatory Power of Usability Heuristics. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '94). Association for Computing Machinery, New York, NY, USA, 152--158. https://doi.org/10.1145/191666.191729

Digital Library

[23]

OpenWeather. 2020. Weather API. https://openweathermap.org/api. Accessed 17 January 2020.

[24]

Sarah Prange, Daniel Buschek, and Florian Alt. 2018. An Exploratory Study on Correlations of Hand Size and Mobile Touch Interactions. In Proceedings of the 17th International Conference on Mobile and Ubiquitous Multimedia (MUM 2018). ACM, New York, NY, USA, 279--283. https://doi.org/10.1145/3282894.3282924

Digital Library

[25]

Pearl Pu and Li Chen. 2006. Trust Building with Explanation Interfaces. In Proceedings of the 11th International Conference on Intelligent User Interfaces (IUI '06). ACM, New York, NY, USA, 93--100. https://doi.org/10.1145/1111449.1111475

Digital Library

[26]

Aritra Roy, Merab Tato Kutalia, shpp vsmaga, and Idan Ben Shalom. 2020. PIN-LockView. https://github.com/aritraroy/PinLockView. Accessed 17 January 2020.

[27]

B. Schilit, N. Adams, and R. Want. 1994. Context-Aware Computing Applications. In 1994 First Workshop on Mobile Computing Systems and Applications. 85--90. https://doi.org/10.1109/WMCSA.1994.16

Digital Library

[28]

Albrecht Schmidt, Michael Beigl, and Hans-W Gellersen. 1999. There is more to context than location. Computers & Graphics 23, 6 (1999), 893--901. https://doi.org/10.1016/S0097-8493(99)00120-X

[29]

S. W. Shah and S. S. Kanhere. 2019. Recent Trends in User Authentication - A Survey. IEEE Access 7 (2019), 112505--112519. https://doi.org/10.1109/ACCESS.2019.2932400

[30]

Zhexuan Song and Jesus Molina. 2011. Method and apparatus for context-aware authentication. US Patent App. 12/816,966.

[31]

Emanuel von Zezschwitz, Alexander De Luca, Bruno Brunkow, and Heinrich Hussmann. 2015. SwiPIN: Fast and Secure PIN-Entry on Smartphones. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems (CHI '15). ACM, New York, NY, USA, 1403--1406. https://doi.org/10.1145/2702123.2702212

Digital Library

[32]

Adam Wójtowicz and Krzysztof Joachimiak. 2016. Model for Adaptable Context-based Biometric Authentication for Mobile Devices. Personal Ubiquitous Comput. 20, 2 (April 2016), 195--207. https://doi.org/10.1007/s00779-016-0905-0

Digital Library

Cited By

Schneegass CSigethy SMitrevska TEiband MBuschek D(2022)UnlockLearning – Investigating the Integration of Vocabulary Learning Tasks into the Smartphone Authentication Processi-com10.1515/icom-2021-003721:1(157-174)Online publication date: 1-Apr-2022
https://doi.org/10.1515/icom-2021-0037
Bulak MSezgin H(2022)Data-Driven Usability Assessment Model for Smartphones: A Causal Analytic ApproachInternational Journal of Innovation and Technology Management10.1142/S021987702250028619:07Online publication date: 25-May-2022
https://doi.org/10.1142/S0219877022500286
Mathis FVaniea KKhamis M(2022)Can I Borrow Your ATM? Using Virtual Reality for (Simulated) In Situ Authentication Research2022 IEEE Conference on Virtual Reality and 3D User Interfaces (VR)10.1109/VR51125.2022.00049(301-310)Online publication date: Mar-2022
https://doi.org/10.1109/VR51125.2022.00049
Show More Cited By

Index Terms

Don't Use Fingerprint, it's Raining!: How People Use and Perceive Context-Aware Selection of Mobile Authentication
1. Human-centered computing
  1. Human computer interaction (HCI)
    1. HCI design and evaluation methods
      1. Field studies
  2. Ubiquitous and mobile computing
    1. Ubiquitous and mobile devices
      1. Smartphones
2. Security and privacy
  1. Security services
    1. Authentication
      1. Biometrics

Recommendations

Here Is Your Fingerprint!: Actual Risk versus User Perception of Latent Fingerprints and Smudges Remaining on Smartphones
ACSAC '17: Proceedings of the 33rd Annual Computer Security Applications Conference

A small touch sensor employed in smartphones can only capture a partial limited portion of the full fingerprint, and so it is more vulnerable to fingerprint spoofing attacks that leverage a user's firm impression. However, it is still unknown whether ...
Construction of a secure two-factor user authentication system using fingerprint information and password

User authentication is highly necessary technology in a variety of services. Many researchers have proposed a two-factor authentication scheme using certificate and OTP, smartcard and password, and so on. Two-factor authentication requires an additional ...
Exploring Novice Approaches to Smartphone-based Thermographic Energy Auditing: A Field Study
CHI '17: Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems

The recent integration of thermal cameras with commodity smartphones presents an opportunity to engage the public in evaluating energy-efficiency issues in the built environment. However, it is unclear how novice users without professional experience or ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

AVI '20: Proceedings of the 2020 International Conference on Advanced Visual Interfaces

September 2020

613 pages

ISBN:9781450375351

DOI:10.1145/3399715

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 October 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Funding Sources

Conference

AVI '20

AVI '20: International Conference on Advanced Visual Interfaces

September 28 - October 2, 2020

Salerno, Italy

Acceptance Rates

AVI '20 Paper Acceptance Rate 36 of 123 submissions, 29%;

Overall Acceptance Rate 128 of 490 submissions, 26%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
133
Total Downloads

Downloads (Last 12 months)10
Downloads (Last 6 weeks)2

Reflects downloads up to 22 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Schneegass CSigethy SMitrevska TEiband MBuschek D(2022)UnlockLearning – Investigating the Integration of Vocabulary Learning Tasks into the Smartphone Authentication Processi-com10.1515/icom-2021-003721:1(157-174)Online publication date: 1-Apr-2022
https://doi.org/10.1515/icom-2021-0037
Bulak MSezgin H(2022)Data-Driven Usability Assessment Model for Smartphones: A Causal Analytic ApproachInternational Journal of Innovation and Technology Management10.1142/S021987702250028619:07Online publication date: 25-May-2022
https://doi.org/10.1142/S0219877022500286
Mathis FVaniea KKhamis M(2022)Can I Borrow Your ATM? Using Virtual Reality for (Simulated) In Situ Authentication Research2022 IEEE Conference on Virtual Reality and 3D User Interfaces (VR)10.1109/VR51125.2022.00049(301-310)Online publication date: Mar-2022
https://doi.org/10.1109/VR51125.2022.00049
Mathis FVaniea KKhamis M(2021)Prototyping Usable Privacy and Security Systems: Insights from ExpertsInternational Journal of Human–Computer Interaction10.1080/10447318.2021.194913438:5(468-490)Online publication date: 5-Aug-2021
https://doi.org/10.1080/10447318.2021.1949134

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents