An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks

William Aiken, Hyoungshick Kim, Jungwoo Ryoo, Mary Beth Rosson

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

This paper presents a possible implementation of progressive authentication using the Android pattern lock. Our key idea is to use one pattern for two access levels to the device; an abridged pattern is used to access generic applications and a second, extended and higher-complexity pattern is used less frequently to access more sensitive applications. We conducted a user study of 89 participants and a consecutive user survey on those participants to investigate the usability of such a pattern scheme. Data from our prototype showed that for unlocking lowsecurity applications the median unlock times for users of the multiple pattern scheme and conventional pattern scheme were 2824 ms and 5589 ms respectively, and the distributions in the two groups differed significantly (Mann-Whitney U test, p-value less than 0.05, two-tailed). From our user survey, we did not find statistically significant differences between the two groups for their qualitative responses regarding usability and security (t-test, p-value greater than 0.05, two-tailed), but the groups did not differ by more than one satisfaction rating at 90% confidence.

Original languageEnglish (US)
Title of host publication2018 16th Annual Conference on Privacy, Security and Trust, PST 2018
EditorsRobert H. Deng, Stephen Marsh, Jason Nurse, Rongxing Lu, Sakir Sezer, Paul Miller, Liqun Chen, Kieran McLaughlin, Ali Ghorbani
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781538674932
DOIs
StatePublished - Oct 29 2018
Event16th Annual Conference on Privacy, Security and Trust, PST 2018 - Belfast, Northern Ireland, United Kingdom
Duration: Aug 28 2018Aug 30 2018

Publication series

Name2018 16th Annual Conference on Privacy, Security and Trust, PST 2018

Conference

Conference16th Annual Conference on Privacy, Security and Trust, PST 2018
CountryUnited Kingdom
CityBelfast, Northern Ireland
Period8/28/188/30/18

Fingerprint

Authentication
Evaluation

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality

Cite this

Aiken, W., Kim, H., Ryoo, J., & Rosson, M. B. (2018). An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks. In R. H. Deng, S. Marsh, J. Nurse, R. Lu, S. Sezer, P. Miller, L. Chen, K. McLaughlin, ... A. Ghorbani (Eds.), 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018 [8514215] (2018 16th Annual Conference on Privacy, Security and Trust, PST 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/PST.2018.8514215
Aiken, William ; Kim, Hyoungshick ; Ryoo, Jungwoo ; Rosson, Mary Beth. / An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks. 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018. editor / Robert H. Deng ; Stephen Marsh ; Jason Nurse ; Rongxing Lu ; Sakir Sezer ; Paul Miller ; Liqun Chen ; Kieran McLaughlin ; Ali Ghorbani. Institute of Electrical and Electronics Engineers Inc., 2018. (2018 16th Annual Conference on Privacy, Security and Trust, PST 2018).
@inproceedings{51a4b3b1d69341c2adfc120cc7f3b3ee,
title = "An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks",
abstract = "This paper presents a possible implementation of progressive authentication using the Android pattern lock. Our key idea is to use one pattern for two access levels to the device; an abridged pattern is used to access generic applications and a second, extended and higher-complexity pattern is used less frequently to access more sensitive applications. We conducted a user study of 89 participants and a consecutive user survey on those participants to investigate the usability of such a pattern scheme. Data from our prototype showed that for unlocking lowsecurity applications the median unlock times for users of the multiple pattern scheme and conventional pattern scheme were 2824 ms and 5589 ms respectively, and the distributions in the two groups differed significantly (Mann-Whitney U test, p-value less than 0.05, two-tailed). From our user survey, we did not find statistically significant differences between the two groups for their qualitative responses regarding usability and security (t-test, p-value greater than 0.05, two-tailed), but the groups did not differ by more than one satisfaction rating at 90{\%} confidence.",
author = "William Aiken and Hyoungshick Kim and Jungwoo Ryoo and Rosson, {Mary Beth}",
year = "2018",
month = "10",
day = "29",
doi = "10.1109/PST.2018.8514215",
language = "English (US)",
series = "2018 16th Annual Conference on Privacy, Security and Trust, PST 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
editor = "Deng, {Robert H.} and Stephen Marsh and Jason Nurse and Rongxing Lu and Sakir Sezer and Paul Miller and Liqun Chen and Kieran McLaughlin and Ali Ghorbani",
booktitle = "2018 16th Annual Conference on Privacy, Security and Trust, PST 2018",
address = "United States",

}

Aiken, W, Kim, H, Ryoo, J & Rosson, MB 2018, An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks. in RH Deng, S Marsh, J Nurse, R Lu, S Sezer, P Miller, L Chen, K McLaughlin & A Ghorbani (eds), 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018., 8514215, 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018, Institute of Electrical and Electronics Engineers Inc., 16th Annual Conference on Privacy, Security and Trust, PST 2018, Belfast, Northern Ireland, United Kingdom, 8/28/18. https://doi.org/10.1109/PST.2018.8514215

An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks. / Aiken, William; Kim, Hyoungshick; Ryoo, Jungwoo; Rosson, Mary Beth.

2018 16th Annual Conference on Privacy, Security and Trust, PST 2018. ed. / Robert H. Deng; Stephen Marsh; Jason Nurse; Rongxing Lu; Sakir Sezer; Paul Miller; Liqun Chen; Kieran McLaughlin; Ali Ghorbani. Institute of Electrical and Electronics Engineers Inc., 2018. 8514215 (2018 16th Annual Conference on Privacy, Security and Trust, PST 2018).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks

AU - Aiken, William

AU - Kim, Hyoungshick

AU - Ryoo, Jungwoo

AU - Rosson, Mary Beth

PY - 2018/10/29

Y1 - 2018/10/29

N2 - This paper presents a possible implementation of progressive authentication using the Android pattern lock. Our key idea is to use one pattern for two access levels to the device; an abridged pattern is used to access generic applications and a second, extended and higher-complexity pattern is used less frequently to access more sensitive applications. We conducted a user study of 89 participants and a consecutive user survey on those participants to investigate the usability of such a pattern scheme. Data from our prototype showed that for unlocking lowsecurity applications the median unlock times for users of the multiple pattern scheme and conventional pattern scheme were 2824 ms and 5589 ms respectively, and the distributions in the two groups differed significantly (Mann-Whitney U test, p-value less than 0.05, two-tailed). From our user survey, we did not find statistically significant differences between the two groups for their qualitative responses regarding usability and security (t-test, p-value greater than 0.05, two-tailed), but the groups did not differ by more than one satisfaction rating at 90% confidence.

AB - This paper presents a possible implementation of progressive authentication using the Android pattern lock. Our key idea is to use one pattern for two access levels to the device; an abridged pattern is used to access generic applications and a second, extended and higher-complexity pattern is used less frequently to access more sensitive applications. We conducted a user study of 89 participants and a consecutive user survey on those participants to investigate the usability of such a pattern scheme. Data from our prototype showed that for unlocking lowsecurity applications the median unlock times for users of the multiple pattern scheme and conventional pattern scheme were 2824 ms and 5589 ms respectively, and the distributions in the two groups differed significantly (Mann-Whitney U test, p-value less than 0.05, two-tailed). From our user survey, we did not find statistically significant differences between the two groups for their qualitative responses regarding usability and security (t-test, p-value greater than 0.05, two-tailed), but the groups did not differ by more than one satisfaction rating at 90% confidence.

UR - http://www.scopus.com/inward/record.url?scp=85063467985&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85063467985&partnerID=8YFLogxK

U2 - 10.1109/PST.2018.8514215

DO - 10.1109/PST.2018.8514215

M3 - Conference contribution

AN - SCOPUS:85063467985

T3 - 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018

BT - 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018

A2 - Deng, Robert H.

A2 - Marsh, Stephen

A2 - Nurse, Jason

A2 - Lu, Rongxing

A2 - Sezer, Sakir

A2 - Miller, Paul

A2 - Chen, Liqun

A2 - McLaughlin, Kieran

A2 - Ghorbani, Ali

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Aiken W, Kim H, Ryoo J, Rosson MB. An Implementation and Evaluation of Progressive Authentication Using Multiple Level Pattern Locks. In Deng RH, Marsh S, Nurse J, Lu R, Sezer S, Miller P, Chen L, McLaughlin K, Ghorbani A, editors, 2018 16th Annual Conference on Privacy, Security and Trust, PST 2018. Institute of Electrical and Electronics Engineers Inc. 2018. 8514215. (2018 16th Annual Conference on Privacy, Security and Trust, PST 2018). https://doi.org/10.1109/PST.2018.8514215