#1046 Towards Usable and Secure Location-based Smartphone Authentication


More

  • None

Rejected

[PDF] Submission (1.1MB) Mar 25, 2020, 9:27:06 AM GMT · 6dac3b6f0e4cb66f31bbfe32774fd98b7c780d4b461eec16ebd4c784e53591e56dac3b6f

The concept of using location information to implicitly unlock smartphones is being widely commercialized on Android phones: once a user registers a location that she is willing to trust, her phone would unlock automatically when the user physically moves to that trusted location. To date, however, security risks associated with misuse of locations to unlock phones (e.g., people registering unsafe locations) have not been studied before. To bridge this gap, we conducted an interview study with 18 participants to study users' perceptions on the location-based smartphone authentication, and identified key design requirements such as the need to support fine-grained indoor location registration. We then conducted a field study with 29 participants to study real-world usage behaviors with a fully working application that we implemented. Our findings suggest that people often register non-private (potentially unsafe) locations as trusted locations, and select large (phone unlock) coverage areas without considering security implications. As for usability benefits, however, the participants were able to reduce about 37% of manual unlock attempts on average by using our location-based implicit authentication service.

G. Cho, S. Kwag, J. Huh, B. Kim, C. Lee, H. Kim
Any related concurrent submissions/papers have been acknowledged
This paper was not rejected from MobiCom 2020 (summer deadline)
The submission conforms to the IRB policies (if any) of the authors' institutions.

  • Security and privacy issues/solutions for mobile/wireless systems
  • Ubiquitous computing and mobile human computer interaction

To edit this submission, sign in using your email and password.

OveMerNovExcTecQuaWriQuaRevExp
Review #1046A211B2
Review #1046B211B2
Review #1046C211A3

[Text] Reviews in plain text