Skip to main content
SpringerLink
Log in

A usability based approach to designing continuous user biometric authentication system

  • Research Article
  • Published:
Quality and User Experience Aims and scope Submit manuscript

Abstract

The advent of the internet and associated technologies have revolutionized the way we live and work. Today, organizations both public and private rely heavily on information systems to deliver services. The quality and reliability of services delivered by these systems depends on controlled access to these information systems. In mission, critical systems like online examination and military intelligence, there is need to verify constantly the identity of the user throughout the session of interaction (referred to as “continuous user authentication”). Accordingly, researchers have proposed a number of approaches to address the issues of continuous user authentication. However, these approaches require user collaboration, which affects user performance on the core tasks in the business processes because of user task interruptions. Thus, the approaches have usability challenges. Continuous user Biometric Authentication systems have a usability score of the range 55–60% on a System Usability Scale (SUS) on average, interpreted in SUS score as poor. Therefore, this paper discusses the design of a non-intrusive continuous user biometric authentication approach, which aims at guiding the design of continuous user biometric authentication systems with SUS score above the range of 65% in relation to the context of the primary task in the business process. The cognitive approach proposed incorporates usability quality attribute in respect to the users’ primary tasks on the system by applying results from cognitive psychology. The approach allows a designer to understand the impact of a particular re-authentication method to user performance and satisfaction in a continuous user authentication environment.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Flechais I, Mascolo C, Sasse MA (2007) Integrating security and usability into the requirements and design process. Int J Electron Secur Digit Forensics 1(1):12–26

    Article  Google Scholar 

  2. Kainda R, Flechais I, Roscoe AW (2012) Security and usability: analysis and evaluation. In: 8th international conference on availability, reliability, and security, pp 275–282. http://doi.org/10.1109/ARES.2010.77

  3. Sihui Z, Yan Z (2016) A usable authentication system based on personal voice challenge. In: International conference on advanced cloud and big data vol 23, pp 194–199. http://doi.org/10.1109/CBD.2016.23

  4. Braz C, Porrier P, Seffah A (2014) Designing usable, yet secure user authentication service: the cognitive dimension. Commun ACM 12(10):18–20

    Google Scholar 

  5. Mayron LM, Hausawi Y, Bahr GS (2013) Secure, usable biometric authentication systems. In: IEEE Security & Privacy, 8009 LNCS (PART 1), pp 195–204. http://doi.org/10.1007/978-3-642-39188-0-21

  6. Mihajlov M, Blazic BJ, Josimovski S (2012) Quantifying usability and security in authentication. In: Proceedings—international computer software and applications conference, pp 626–629. http://doi.org/10.1109/COMPSAC.2011.87

  7. Sasse MA, Brostoff S, Weirich D (2012) Transforming the “weakest link” - A human/computer interaction approach to usable and effective security. BT Technol J 19(3):122–131. https://doi.org/10.1023/A:1011902718709

    Article  Google Scholar 

  8. Schiavone E, Ceccarelli A, Bondavalli A, Carvalho AMBR (2016) Usability assessment in a multi-biometric continuous authentication system. In: Seventh Latin–American symposium on dependable computing (LADC), pp 43–50. http://doi.org/10.1109/LADC.2016.17

  9. Brooke J (1996) SUS—a quick and dirty usability scale. J Usability Stud 189:4–7

    Google Scholar 

  10. Bangor A, Kortum PT, Miller JT (2008) An empirical evaluation of the sys- tem usability scale. Int J Hum Comput Interact 24(6):574–594

    Article  Google Scholar 

  11. Caputo DD, Pfleeger SL, Sasse MA, Ammann P, Offutt J, Deng L (2016) Barriers to usable security? Three organizational case studies. IEEE Secur Priv 14(5):22–32. https://doi.org/10.1109/MSP.2016.95

    Article  Google Scholar 

  12. Ferreira A, Rusu C, Roncagliolo S (2013) Usability and security patterns. In: Proceedings of the 2nd international conferences on advances in computer–human interactions, ACHI 2013, pp 301–305. http://doi.org/10.1109/ACHI.2009.21

  13. de Waard D, Lewis-Evans B (2014) Self-report scales alone cannot capture mental workload: a reply to De Winter, Controversy in human factors constructs and the explosive use of the NASA TLX: a measurement perspective. Cogn Technol Work 16(3):303–305. https://doi.org/10.1007/s10111-014-0277-z

    Article  Google Scholar 

  14. Azuma R, Daily M, Furmanski C (2006). A review of time critical decision making models and human cognitive processes. In: IEEE aerospace conference. http://doi.org/10.1109/AERO.2006.1656041

  15. Kiesel A, Steinhauser M, Wendt M, Falkenstein M, Jost K, Philipp AM, Koch I (2010) Control and interference in task switching-a review. Psychol Bull 136(5):849–874. https://doi.org/10.1037/a0019842

    Article  Google Scholar 

  16. Grange J, Ion Juvina GH (2013) On costs and benefits of n − 2 repetitions in task switching: towards a behavioural marker of cognitive inhibition. Psychol Res 77(2):211–222

    Article  Google Scholar 

  17. Newell A, Simon H (1972) Human problem solving. Prentice-Hall, Oxford

    Google Scholar 

  18. Das AK, Suresh S (2015) An effect-size based channel selection algorithm for mental task classification in brain computer interface. In: IEEE international conference on systems, man, and cybernetics, pp 3140–3145. http://doi.org/10.1109/SMC.2015.545

  19. Mayilvaganan M, Kalpanadevi D (2014) Designing a human computer interface system based on cognitive model. In: IEEE International conference on computational intelligence and computing research, pp 1–4, http://doi.org/10.1109/ICCIC.2014.7238347

  20. John BE, Patton EW, Gray WD, Morrison DF (2012) Tools for predicting the duration and variability of skilled performance without skilled performers. In: Proceedings of the human factors and ergonomics society annual meeting, vol 56, no 1. SAGE Publications, pp 985–989

  21. Sasse M, Steves M, Krol K, Chisnell D (2014) The great authentication fatigue—and how to overcome it. In: Cross-cultural design. Springer, pp 228–239

  22. Arrington CM, Logan GD (2005) Voluntary task switching: chasing the elusive homunculus. J Exp Psychol Learn Mem Cogn 31(4):683–702. https://doi.org/10.1037/0278-7393.31.4.683

    Article  Google Scholar 

  23. Gade M, Koch I (2007) The influence of overlapping response sets on task inhibition. Memory & Cognit 35(4):603–609. https://doi.org/10.3758/BF03193298

    Article  Google Scholar 

  24. Rubinstein JS, Meyer DE, Evans JE (2001) Executive control of cognitive processes in task switching. J Exp Psychol Hum Percept Perform 27(4):763–797. https://doi.org/10.1037//0096-1523.27.4.763

    Article  Google Scholar 

  25. Agam Y, Sekuler R (2007) Interactions between working memory and visual perception: an ERP/EEG study. Psychol Bull 36(2004):933–942. https://doi.org/10.1016/j.neuroimage.2007.04.014

    Article  Google Scholar 

  26. Tounsi M, David P (2002) Successive search method for solving valued constraint satisfaction and optimization problems. Int J Artif Intell Tools 11:425. https://doi.org/10.1142/S0218213002000964

    Article  Google Scholar 

  27. Thapper J, Živný S (2012) The power of linear programming for valued CSPs. In: Proceedings—annual IEEE symposium on foundations of computer science, FOCS, (Lix), pp 669–678. http://doi.org/10.1109/FOCS.2012.25

  28. Freuder EC, Wallace M (2014) Constraint programming. In: Search methodologies, pp 239–272. Retrieved from http://dx.doi.org/10.1007/0-387-28356-0_9

  29. Tulving E, Voi MEL, Routh DA, Loftus E (1983) Ecphoric processes in episodic memory [and discussion]. Philos Trans R Soc B Biol Sci 302(1110):361–371. https://doi.org/10.1098/rstb.1983.0060

    Article  Google Scholar 

  30. Hebrard E, O’Mahony E, O’Sullivan B (2010) Constraint programming and combinatorial optimisation in Numberjack. In: Proceedings of the 7th international conference on integration of AI and OR techniques in constraint programming for combinatorial optimization problems (CPAIOR-10), Lecture Notes in Computer Science. Springer, pp 181–185

  31. Renaud K (2007) Quantifying the quality of web authentication mechanisms: a usability perspective. J Web Eng 3(2):95–123. https://doi.org/10.1007/978-1-4614-4878-5_2

    Article  Google Scholar 

  32. De Marsico M, Galdi C, Nappi M, Riccio D (2014) FIRME: face and iris recognition for mobile engagement. Image Vis Comput. https://doi.org/10.1016/j.imavis.2013.12.014

    Article  Google Scholar 

  33. Crawford H, Renaud K, Tim S (2013) A framework for continuous, transparent mobile device authentication. Comput Secur 39:127–136

    Article  Google Scholar 

  34. Toledano DT, Fernández Pozo R, Hernández Trapote Á, Hernández Gómez L (2006) Usability evaluation of multi-modal biometric verification systems. Interact Comput 18(5):1101–1122. https://doi.org/10.1016/j.intcom.2006.01.004

    Article  Google Scholar 

  35. Buriro A, Crispo B, Delfrari F, Wrona K (2016) Hold and sign : a novel behavioral biometrics for smartphone user authentication. In: IEEE security and privacy, pp 1–10. http://doi.org/10.1109/SPW.2016.20

  36. Ruoti S, Roberts B, Seamons K (2015) Authentication melee: a usability analysis of seven web authentication systems. In: WWW '15 proceedings of the 24th international conference on world wide web. ACM, pp 916–926. https://doi.org/10.1145/2736277.2741683

  37. Trewin S, Swart C, Koved L, Martino J, Singh K, Ben-David S (2012) Biometric authentication on a mobile device: a study of user effort, error and task disruption. In: Proceedings of the 28th annual computer security applications conference on—ACSAC’12, p 159. http://doi.org/10.1145/2420950.2420976

Download references

Author information

Authors and Affiliations

  1. Department of Networks, Makerere University, Kampala, Uganda

    Dennis Mugambi Kaburu, Julianne Sansa-Otim, Drake Patrick Mirembe & Tony Bulega

  2. Department of Mental Health and Community Psychology, Makerere University, Kampala, Uganda

    Kajumba Mayanja

Authors
  1. Dennis Mugambi Kaburu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Julianne Sansa-Otim
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kajumba Mayanja
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Drake Patrick Mirembe
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Tony Bulega
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dennis Mugambi Kaburu.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kaburu, D.M., Sansa-Otim, J., Mayanja, K. et al. A usability based approach to designing continuous user biometric authentication system. Qual User Exp 3, 8 (2018). https://doi.org/10.1007/s41233-018-0021-1

Download citation

  • Received:

  • Published:

  • DOI: https://doi.org/10.1007/s41233-018-0021-1

Keywords

Search

Navigation