Presentation is loading. Please wait.

Presentation is loading. Please wait.

BY CHEN YEAH TECK Image-Based Authentication for Mobile Phones: Performance and User Opinions Source: Slippery Brick (2006)

Published byJoan McDaniel Modified over 8 years ago

Similar presentations

Presentation on theme: "BY CHEN YEAH TECK Image-Based Authentication for Mobile Phones: Performance and User Opinions Source: Slippery Brick (2006)"— Presentation transcript:

1 BY CHEN YEAH TECK Image-Based Authentication for Mobile Phones: Performance and User Opinions Source: Slippery Brick (2006)

2 Outline Introduction Motivation Literature Review Research Questions Research Methodology Findings Limitations Future Work

3 Introduction Increasingly sophisticated mobile devices More data generated, more services available More than 200,000 phones reported stolen each year in Australia alone (AMTA, 2008) How do you protect your phone?

4 Motivation Improper use of embedded mobile phone security (Clarke & Furnell 2005)  30% believe PIN troublesome  34% disable PIN  66% of those who use PIN  38% forgotten PIN at least once  45% use default PIN  42% change once (after purchase)  13% change more than once

5 Motivation (Cont) Password and PIN still the most used authentication mechanisms but often result inappropriate use and have memorability issues Token and Biometrics have limitations Research on image based authentication (IBA) shows promise Little focus on usability of new authentication methods

6 Literature Review The “Security Guard” Analogy Authentication  Something you know  Something you have  Someone you are  Also, someone you know

7 Literature Review (Cont) PIN and password  Used to be machine generated  Led to user generated  Mobile device needs instantaneous access, authentication in the way get disabled Limitation  Memorability and usability issues  In secure PIN and Password

8 Literature Review (Cont) Token Authentication  Removes need to remember password  Store digital certificate  Smart media  Transient Authentication Limitation  Extra hardware/cost  Left in situ  Can be forgotten or lost  Use PIN or password as fallback Source: Nicholson, Corner & Noble 2006

9 Literature Review (Cont) Biometrics  Physiological (Fingerprint, Face, Iris)  Behavioural (Voice, Keystroke pattern, Gait, Signature) Limitation  Extra hardware/cost  Accuracy issues  Privacy issues  Use PIN or password as fallback Source: Furnell, S, Clarke & Karatzouni 2008

10 Literature Review (Cont) Graphical Based Authentication  Recognition based  Recall based Source: Takada & Koike 2003 Source: Weiss & Luca 2008

11 Research Questions Questions  Which IBA authenticates faster?  Which IBA has higher authentication success rates?  What are users’ opinionson user authentication and IBA? Contributions  Usability studies for user authentication especially for IBA  Improving user authentication experience can result better acceptance and usage among consumers

12 Research Methodology Develop prototype Compare PIN, Password, Picture Password, and Awase-E Data Collection  Enrolment and learning  Test 1 (Survey then verification)  Test 2 (Verification after 1 week) Authentication speed and success rate

13 Findings Authentication Speed Authentication Success Rate User Opinions

14 Authentication Speed

15 Authentication Speed Summary Pin was the fastest, speed decreased but significantly faster than other techniques Password was at least twice as slow as PIN Picture Password was similar to password’s speed Awase-E was surprisingly faster than predicted and reported User may still prefer PIN as it is the fastest technique, may tolerate slower authentication if only authenticate once or several times only

16 Authentication Success Rate

17 Authentication Success Rate Summary PIN and Password expected to decline over time and did, password did worse Picture Password performed well initially, but experienced a huge drop after a week to 55% Awase-E performed as expected, maintaining high success rate User still prefer PIN and password despite doing worse than Awase-E, probably due to familiarity, 35% still prefer PIN and password despite making an error

18 User Opinions Authentication Frequency  15% none, 40% once, 25% several times, 20% every time  Total 85% willing to use some sort of authentication Usage of mobile authentication  Only 35% use it – protect data, email account, unintended use  65% do not use it – don’t know how to set it up, unnecessary, no significant data, troublesome, time consuming, had never let other people use their phone Opportunities to persuade user to adopt mobile security function, including IBA

19 User Preference Techniques/PINPasswordPicture PasswordAwase-E Preference0 week1 week0 week1 week0 week1 week0 week1 week Top 115%25%20%35%25%0%45%40% Top 245%50%45%55%45%30%70%65% Preference for PIN due to speed and success rate Preference for Password also increased although it did worse than initially Significant drop for Picture Password expected due to poor performance Awase-E maintained high preference

20 Limitation and Future work Sample size (20 participants)  Use average, and standard deviation not taken into consideration  Exploratory research to provide indication of the performance of IBA techniques and future research direction Future Research  This research is an exploratory endeavour to provide indication for the usabilities of IBA techniques and also direction for future research  Larger sample size  Incorporate other factors such as age and social groups

21 References ATMA 2008, '2008 Annual Report', AMTA Publication. Clarke, N & Furnell, S 2005, 'Authentication of users on mobile telephones–A survey of attitudes and practices', Computers & Security, vol. 24, no. 7, pp. 519-527. Furnell, S, Clarke, N & Karatzouni, S 2008, 'Beyond the PIN: Enhancing user authentication for mobile devices', Computer Fraud and Security, vol. 2008, no. 8, pp. 12-17. Nicholson, AJ, Corner, MD & Noble, BD 2006, 'Mobile device security using transient authentication', IEEE Transactions on Mobile Computing, vol. 5, no. 11, pp. 1489-502. SliperryBrick, 2006, “LG KE850 Touch Screen Mobile Phone”, viewed 3 June 2009, http://www.slipperybrick.com/2006/12/lg-ke850-touch-screen-mobile-phone Takada, T & Koike, H 2003, 'Awase-E: image-based authentication for mobile phones using user's favorite images', Lecture Notes in Computer Science, pp. 347-351. Takada, T, Onuki, T & Koike, H 2006, 'Awase-E: Recognition-based Image Authentication Scheme Using Users’ Personal Photographs', Innovations in Information Technology, 2006, pp. 1-5. Weiss, R & Luca, AD 2008, PassShapes: utilizing stroke based authentication to increase password memorability, ACM, Lund, Sweden.

22 Q & A Thank You

Download ppt "BY CHEN YEAH TECK Image-Based Authentication for Mobile Phones: Performance and User Opinions Source: Slippery Brick (2006)"

Similar presentations

A mobile single sign-on system Master thesis 2006 Mats Byfuglien.

A mobile single sign-on system Master thesis 2006 Mats Byfuglien.
A Comprehensive Study of the Usability of multiple Graphical Passwords SoumChowdhury (Presenter) Ron Poet Lewis Mackenzie 1 School of Computing Science.

A Comprehensive Study of the Usability of multiple Graphical Passwords SoumChowdhury (Presenter) Ron Poet Lewis Mackenzie 1 School of Computing Science.
CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.

CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.
(Biometrics Consortium)

(Biometrics Consortium)
What is Biometric identification 1 ? –Biometrics is the use of automated methods to recognize a person based on a physical characteristic. –Biometric technologies.

What is Biometric identification 1 ? –Biometrics is the use of automated methods to recognize a person based on a physical characteristic. –Biometric technologies.
By Aidan Summerville.  The process inn which a person’s unique physical and other traits are detected and recorded by an electronic device or system.

By Aidan Summerville.  The process inn which a person’s unique physical and other traits are detected and recorded by an electronic device or system.
Improving ATM Security via Facial Recognition CPSC510 James Maxlow November 25 th, 2002.

Improving ATM Security via Facial Recognition CPSC510 James Maxlow November 25 th, 2002.
National Institute of Science & Technology Fingerprint Verification Maheswar Dalai Presented By MHESWAR DALAI Roll No. #CS200127358 “Fingerprint Verification.

National Institute of Science & Technology Fingerprint Verification Maheswar Dalai Presented By MHESWAR DALAI Roll No. #CS “Fingerprint Verification.
3d ..

3d ..
3D-password A more secured authentication G.Suresh babu Roll no:08H71A05C2 Computer science & engineering Mic college of technology Guide:Mrs A.Jaya Lakshmi.

3D-password A more secured authentication G.Suresh babu Roll no:08H71A05C2 Computer science & engineering Mic college of technology Guide:Mrs A.Jaya Lakshmi.
BIOMETRICS AND NETWORK AUTHENTICATION Security Innovators.

BIOMETRICS AND NETWORK AUTHENTICATION Security Innovators.
Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.
Internet Authentication Based on Personal History – A Feasibility Test Ann Nosseir, Richard Connor, Mark Dunlop University of Strathclyde Computer and.

Internet Authentication Based on Personal History – A Feasibility Test Ann Nosseir, Richard Connor, Mark Dunlop University of Strathclyde Computer and.
Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.

Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.
Emerging Biometric Applications Expectations and Reality (in 29 minutes or less!) (C) Mr David Heath of Triton Secure.

Emerging Biometric Applications Expectations and Reality (in 29 minutes or less!) (C) Mr David Heath of Triton Secure.
Video- and Audio-based Biometric Person Authentication Motivation: Applications. Modalities and their characteristics. Characterization of a biometric.

Video- and Audio-based Biometric Person Authentication Motivation: Applications. Modalities and their characteristics. Characterization of a biometric.
Authentication for Humans Rachna Dhamija SIMS, UC Berkeley DIMACS Workshop on Usable Privacy and Security Software July 7, 2004.

Authentication for Humans Rachna Dhamija SIMS, UC Berkeley DIMACS Workshop on Usable Privacy and Security Software July 7, 2004.
Biometrics and Authentication Shivani Kirubanandan.

Biometrics and Authentication Shivani Kirubanandan.
Going beyond passwords

Going beyond passwords
Biometrics Kyle O'Meara April 14, 2008. Contents Introduction Specific Types of Biometrics Examples Personal Experience Questions.

Biometrics Kyle O'Meara April 14, Contents Introduction Specific Types of Biometrics Examples Personal Experience Questions.

Similar presentations

Ads by Google