Title | ||
---|---|---|
On the Security and Usability Implications of Providing Multiple Authentication Choices on Smartphones: The More, the Better? |
Abstract | ||
---|---|---|
AbstractThe latest smartphones have started providing multiple authentication options including PINs, patterns, and passwords (knowledge based), as well as face, fingerprint, iris, and voice identification (biometric-based). In this article, we conducted two user studies to investigate how the convenience and security of unlocking phones are influenced by the provision of multiple authentication options. In a task-based user study with 52 participants, we analyze how participants choose an option to unlock their smartphone in daily life. The user study results demonstrate that providing multiple biometric-based authentication choices does not really influence convenience, because fingerprint had monopolistic dominance in the usage of unlock methods (111 of a total of 115 unlock trials that used a biometric-based authentication factor) due to users’ habitual behavior and fastness in unlocking phones. However, convenience was influenced by the provision of both knowledge-based and biometric-based authentication categories, as biometric-based authentication options were used in combination with knowledge-based authentication options—pattern was another frequently used unlock method. Our findings were confirmed and generalized through a follow-up survey with 327 participants. First, knowledge-based and biometric-based authentication options are used interchangeably. Second, providing multiple authentication options for knowledge-based authentication may influence convenience—both PINs (55.7%) and patterns (39.2%) are quite evenly used. Last, in contrast to knowledge-based authentication, providing multiple authentication choices for biometric-based authentication has less influence on choosing unlock options—fingerprint scanner is the most frequently used option (134 of 187 unlock methods used among biometric-based authentication options). |
Year | DOI | Venue |
---|---|---|
2020 | 10.1145/3410155 | ACM Transactions on Privacy and Security |
Keywords | DocType | Volume |
Multiple authentication options, biometric authentication, password | Journal | 23 |
Issue | ISSN | Citations |
4 | 2471-2566 | 0 |
PageRank | References | Authors |
0.34 | 0 | 8 |
Name | Order | Citations | PageRank |
---|---|---|---|
Geumhwan Cho | 1 | 43 | 6.90 |
Jun Ho Huh | 2 | 152 | 18.72 |
Soolin Kim | 3 | 0 | 0.34 |
junsung cho | 4 | 22 | 3.03 |
Heesung Park | 5 | 0 | 0.34 |
Yenah Lee | 6 | 0 | 0.34 |
Konstantin Beznosov | 7 | 1521 | 105.47 |
Hyoungshick Kim | 8 | 106 | 19.23 |