"They brought in the horrible key ring thing!" Analysing the Usability of Two-Factor Authentication in UK Online Banking

Krol, Kat; Philippou, Eleni; Cristofaro, Emiliano De; Sasse, M. Angela

doi:10.14722/usec.2015.23001

Cited by 49 publications

(38 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We suggest that this was because token-based authentication, like 2FA, is more effortful, and deemed more worthwhile if required by the context, or if the user already has experience of a similar scheme. Our results are also consistent with Krol et al [21], whose participants worried about theft, and preferred the idea of biometric authentication. Participants also disliked the physical effort associated with having to interact with Pico.…”

Section: A Related Researchsupporting

confidence: 92%

See 1 more Smart Citation

Responsibility and Tangible Security: Towards a Theory of User Acceptance of Security Tokens

Payne¹,

Jenkinson²,

Stajano³

et al. 2016

Proceedings 2016 Workshop on Usable Security

Self Cite

View full text Add to dashboard Cite

Abstract-Security and usability issues with passwords suggest a need for a new authentication scheme. Several alternatives involve a physical device or token. We investigate one such alternative, Pico: an authentication scheme that utilizes multiple wearable devices. We present the grounded theory results of a series of semi-structured interviews for exploring perceptions of this scheme. We found that the idea of carrying physical devices increases perceived personal responsibility for secure authentication, making the risks and inconvenience associated with loss and theft salient for participants. Although our work is focused on Pico, the results of the study contribute to a broader understanding of user perception and concerns of responsibility for any token-based authentication schemes.

show abstract

Section: A Related Researchsupporting

confidence: 92%

“…Most used a hardware token only because their employer or bank forced them to. This is in line with Krol et al [21], who found that carrying and operating a hardware token for 2FA with online banking negatively correlated with satisfaction.…”

Section: Recently Fido (Fast Identity Online)supporting

confidence: 91%

Responsibility and Tangible Security: Towards a Theory of User Acceptance of Security Tokens

Payne¹,

Jenkinson²,

Stajano³

et al. 2016

Proceedings 2016 Workshop on Usable Security

Self Cite

View full text Add to dashboard Cite

show abstract

“…The number of online banking users has been growing throughout the world, as the convenience of using online banking to perform banking transactions throughout the day has an edge over previous delivery channels, mainly a visit to a brick-and-mortar bank branch. Nonetheless, online banking has problems that still need to be addressed to achieve the full benefits of the service, such as usability 3 and security 4 . Firstly, as much as adoption is increasing, the rate of adoption is not the same across different economies.…”

Section: Online Bankingmentioning

confidence: 99%

“…Although the findings were favourable in a prototype system, these cannot be generalised to a commercially developed system, as there are still major usability and privacy issues with biometric systems. Krol et al 3 reported on the usability of a two-factor authentication mechanism for online banking that used hardware tokens. The respondents from the study highlighted a preference for biometric authentication because of the high degree of mental and physical workload and usability issues of hardware tokens.…”

Section: Related Workmentioning

confidence: 99%

System usability scale evaluation of online banking services: A South African study

Mujinga¹,

Eloff²,

Kroeze³

2018

S. Afr. J. Sci.

View full text Add to dashboard Cite

HOW TO CITE:Mujinga M, Eloff MM, Kroeze JH. System usability scale evaluation of online banking service: A South African study. S Afr J Sci. 2018;114(3/4) Online banking is a critical service offered by financial institutions to their clientele to facilitate easier and faster access to financial services and transactions. Banks currently spend huge amounts of money on development and maintenance of websites and backend systems that offer online banking facilities to clients. Here we address the effect of moderating factors on online banking usability assessment in South Africa. Using statistical analysis techniques that included t-tests, ANOVA and correlation, we investigated whether there are statistically significant mean differences in system usability scale (SUS) scores based on a variety of moderating factors in South Africa. Findings based on a sample of 540 respondents show that SUS scores differ significantly based on factors such as age, experience and income, whereas factors such as gender, use frequency and employment did not affect the mean SUS scores. Given the individual SUS scores for a variety of users based on different demographics, the financial institutions might improve service usability to target specific user groups and realise their return on investment in digital banking channels. Therefore improving service usability might go a long way in encouraging online banking adoption in South Africa. Significance:• The overall assessment of online banking service by users based on a SUS measurement tool was investigated.• The effect of moderating variables on the mean SUS scores of different user groups was established.• An insight into areas of improvement with regard to usability based on demographic information of users is provided.

show abstract

“…According to a study by Zink and Waldvogel [82], 83.3% users considered that SMS-based transaction authentication number is not a usable solution. Another in-depth usability study by Krol et al [81] evaluated 2-factor authentication on 21 online banking customers (16 among 21 were having multiple accounts with more than one bank). Total 90 separate login sessions of all the participants were collected meticulously, over the period of 11 days.…”

Section: Something Youmentioning

confidence: 99%

Demystifying Authentication Concepts in Smartphones: Ways and Types to Secure Access

Gupta

Buriro

Crispo

2018

Mobile Information Systems

View full text Add to dashboard Cite

Smartphones are the most popular and widespread personal devices. Apart from their conventional use, that is, calling and texting, they have also been used to perform multiple security sensitive activities, such as online banking and shopping, social networking, taking pictures, and e-mailing. On a positive side, smartphones have improved the quality of life by providing multiple services that users desire, for example, anytime-anywhere computing. However, on the other side, they also pose security and privacy threats to the users' stored data. User authentication is the first line of defense to prevent unauthorized access to the smartphone. Several authentication schemes have been proposed over the years; however, their presentation might be perplexing to the new researchers to this domain, under the shade of several buzzwords, for example, active, continuous, implicit, static, and transparent, being introduced in academic papers without comprehensive description. Moreover, most of the reported authentication solutions were evaluated mainly in terms of accuracy, overlooking a very important aspect-the usability. is paper surveys various types and ways of authentication, designed and developed primarily to secure the access to smartphones and attempts to clarify correlated buzzwords, with the motivation to assist new researchers in understanding the gist behind those concepts. We also present the assessment of existing user authentication schemes exhibiting their security and usability issues.

show abstract

"They brought in the horrible key ring thing!" Analysing the Usability of Two-Factor Authentication in UK Online Banking

Cited by 49 publications

References 17 publications

Responsibility and Tangible Security: Towards a Theory of User Acceptance of Security Tokens

Responsibility and Tangible Security: Towards a Theory of User Acceptance of Security Tokens

System usability scale evaluation of online banking services: A South African study

Demystifying Authentication Concepts in Smartphones: Ways and Types to Secure Access

Contact Info

Product

Resources

About