Tactile, Auditory and Graphical Authentication for Desktop and Mobile Interfaces
Overview
Research suggests that human limitations are rarely considered in the design of knowledge-based authentication systems. In an attempt to foster entry to a system, individuals tend to choose passwords which are easy to recall. However, inappropriate selection can compromise data security. In order to restore the balance between security and memorability, we have proposed tactile based solutions. Our studies have shown that 'tactile passwords' (composed of four stimuli) can be recognized with strong levels of accuracy over a long term period. Studies examining authentication for individuals who are blind have been conducted. Research has also focused on ways in which abstract sounds can be used for authentication.
More recent work is focusing on ways that we can design tactile and gestural authentication solutions for mobile usage (H4Plock), multi-factor authentication, and issues associated with selecting patterns for unlock screens. The research is funded through the Office of Naval Research, in collaboration with Dr. Adam J. Aviv at USNA. The guidance based upon research undertaken (baselines for shoulder surfing on mobile authentication) has generated media interest.
Further details of more recent work conducted can be viewed on the PUSH group web site (push.umbc.edu)
System Development
|
|
VTPlayer mouse with matrix presenting raised pins underneath the user's fingers (www.virtouch.com) |
"Tactile password" composed of series of raised pins (static or animated) |
Publications
- Ray, H. Wolf, F., Kuber, R. & Aviv. A.J., 2022: Investigating Older Adults' Adoption and Usage of Online Conferencing Tools during COVID-19 In proceedings of W4A'22, Article No. 27.
- Wolf, F., Aviv, A.J. & Kuber, R., 2021: Security Obstacles and Motivations for Small Businesses from a CISO's Perspective. In proceedings of 30th USENIX Security Symposium (USENIX Security 21).
- Ray, H., Aviv, A.J. & Kuber, R., 2021: Why Older Adults (Don't) Use Password Managers. In proceedings of 30th USENIX Security Symposium (USENIX Security 21).
-
Ray, H., Wolf, F., Kuber, R. & Aviv, A.J., 2021: “Warn Them” or “Just Block Them”?: Using Drawmetrics to Compare Privacy Concerns Among Older and Working Age Adults.” Privacy Enhancing Technologies Symposium (2), 27-47.
- Khan, H., Ceci, J., Stegman, J., Aviv, A.J., Dara, R. & Kuber, R., 2020: Widely Reused and Shared, Infrequently Updated, and Sometimes Inherited: A Holistic View of PIN Authentication in Digital Lives and Beyond. In proceedings of ACSAC'20, 249–262.
- Ray, H. Wolf, F., Kuber, R. & Aviv. A.J., 2019: "Woe is me:" Examining Older Adults' Perceptions of Privacy. In Extended Abstracts of CHI’19, LBW2611.
- Wolf, F., Kuber, R. & Aviv. A.J., 2019: "Pretty Close to a Must-Have:" Balancing Usability
Desire and Security Concern in Biometric Adoption. In proceedings of CHI’19, Paper 151.
-
Saulynas, S., Lechner, C. & Kuber, R. 2018: Towards the Use of Brain-Computer Interface Technologies as a Potential Alternative to PIN Authentication. International Journal of Human-Computer Interaction, 34 (5), 433-444. DOI: 10.1080/10447318.2017.1357905.
- Wolf, F., Kuber, R. & Aviv, A.J. 2018: An Empirical Study Examining the Perceptions and Behaviours of Security-Conscious Users of Mobile Authentication. Behaviour and Information Technology, 37(4), 320-334, DOI: 10.1080/0144929X.2018.1436591
- Wolf, F., Aviv, A.J. & Kuber, R. 2018: "It’s All About The Start” Classifying Eyes-Free Mobile Authentication Techniques. Journal of Information Security and Applications, 41, 28-40. DOI: 10.1016/j.jisa.2018.05.004.
- Wolf, F., Kuber, R. & Aviv, A.J. 2018: How Do We Talk Ourselves Into These Things? Challenges with Adoption of Biometric Authentication for Expert and Non-Expert Users. In Extended Abstracts of CHI'18, Montreal, Canada, LBW502.
- Aviv, A.J. & Kuber, R. 2018: Towards Understanding Connections between
Security/Privacy Attitudes and Unlock Authentication. In proceedings of USEC'18, DOI: 10.14722/usec.2018.23011.
- Wolf, F., Aviv, A.J. & Kuber, R. 2018: Performance of Eyes-Free Mobile Authentication. In proceedings of USEC'18, DOI: 10.14722/usec.2018.23013 (Detailed version of paper).
- Aviv, A.J., Kuber, R. & Budzitowski, D. 2017: Is Bigger Better When It Comes to Android Graphical Pattern Unlock?. IEEE Internet Computing, 21 (6), 46-51.
- Aviv, A.J., Davin, J.T., Wolf, F. & Kuber, R. 2017: Towards Baselines for Shoulder Surfing on Mobile Authentication. In proceedings of ACSAC'17, 486-498.
- Saulynas, S. & Kuber, R. 2017: Towards BCI and Gestural-Based Authentication for Individuals who are Blind. In proceedings of ASSETS’17, 403-404.
- Wolf, F., Kuber, R. & Aviv, A.J. 2017: Addressing Observational Attacks through the Design of a Tactile Aid for Mobile User Authentication. In 33rd Annual Computer Security Applications Conference - ACSAC’17, Orlando, FL.
- Wolf, F., Kuber, R. & Aviv, A.J. 2017: Perceptions of Mobile Device Authentication Mechanisms by Individuals who are Blind. In proceedings of ASSETS’17, 385-386.
- Davin, J.T., Aviv, A.J., Wolf, F. & Kuber, R. 2017: Baseline Measurements of Shoulder Surfing Analysis and Comparability for Smartphone Unlock Authentication. In Extended Abstracts of CHI'17, Denver, CO, 2496-2503.
- Wolf, F. Kuber, R. & Aviv, A.J. 2016: Preliminary Findings from an Exploratory Qualitative Study of Security-Conscious Users of Mobile Authentication. In proceedings of the 2nd Workshop on Security Information Workers, SOUPS'16, Denver, CO.
- Wolf, F. Kuber, R. & Aviv, A.J. 2016: Towards Non-Observable Authentication for Mobile Devices. In Poster Session of SOUPS'16, Denver, CO.
- Ali, A., Kuber, R. & Aviv, A.J. 2016: Developing and Evaluating a Gestural and Tactile Mobile Interface to Support User Authentication. In proceedings of iConference'16, Philadelphia, PA.
- Aviv, A.J., Budzitowski, D. & Kuber, R. 2015: Is Bigger Better? Comparing User-Generated Passwords on 3x3 vs. 4x4 Grid Sizes for Android's Pattern Unlock. In proceedings of ACSAC'15, Los Angeles, USA, 301-310.
- Ali, A., Kuber, R. & Aviv, A.J. 2015: H4Plock: Supporting Mobile User Authentication through Gestural Input and Tactile Output. In Poster Session of SOUPS'15, Ottawa, Canada.
- Budzitowski, D., Aviv, A.J. & Kuber, R. 2015: Do Bigger Grids Sizes Mean Better Passwords? 3x3 vs. 4x4 Grid Sizes for Android Unlock Patterns. In Poster Session of SOUPS'15, Ottawa, Canada.
-
Said, K., Kuber, R. & Murphy, E. 2015: AudioAuth: Exploring the Design and Usability of a Sound-Based Authentication System. International Journal of Mobile Human Computer Interaction, 7(4), 16-34.
-
Said, K., Kuber, R. & Murphy, E. 2014:
Towards the Development of AudioAuth: An Auditory Authentication System. In proceedings of Irish HCI'14, Dublin, Ireland, 48-55, ISBN 978-1-873769-27-0.
-
Kuber, R. & Sharma, S. 2012: Developing an Extension to an Existing Tactile Authentication Mechanism to Support Non-Visual Interaction. In proceedings of IASTED HCI'12, Baltimore, USA, 190-198.
-
Kuber, R., Tretter, M. & Murphy, E. 2011: Developing and Evaluating a Non-Visual Memory Game. In proceedings of INTERACT'11 (Lecture Notes in Computer Science 6947), Lisbon, Portugal, 541-553.
-
Kuber, R. & Yu, W. 2010: Feasibility Study of Tactile-based Authentication. International
Journal of Human-Computer Studies, 68, 158-181.
-
Kuber, R. & Sharma, S. 2010: Toward Tactile Authentication for Blind Users. In proceedings of ASSETS'10, Orlando, USA, 289-290.
-
Kuber, R. & Yu, W. 2010: Tactile vs Graphical Authentication. In proceedings of Eurohaptics'10 (Lecture Notes in Computer Science 6191), Amsterdam, Netherlands, 314-319.
-
Kuber, R. & Yu, W. 2006: Authentication using Tactile Feedback. In proceedings of BCS HCI'06 Volume 2, London, UK, 141-145.
Students
- Flynn Wolf (Ph.D.)
- Karim Said (Ph.D.)
- Abdullah Ali (MS)
- Shiva Sharma (MS)
- Matthew Tretter (MS)