Evaluating the Usability and User Acceptance of Biometric Authentication in Different Applications

This study investigates the usability and user acceptance of biometric authentication across different applications, including mobile devices and smartphones, access control systems, banking and financial applications, healthcare systems, and travel and border control. The research aims to identify the factors that influence user acceptance and the potential challenges faced in each domain. The findings reveal that biometric authentication in mobile devices and smartphones is widely accepted due to its convenience and speed. However, concerns related to false acceptance or rejection rates, sensor accuracy, and privacy issues can affect user acceptance. Similarly, in access control systems, fast and reliable biometric systems with seamless user experiences are more likely to be accepted. Challenges such as long verification times, high false rejection rates, and complex enrollment processes can impact user acceptance negatively. In banking and financial applications, user acceptance depends on the perceived security and privacy of biometric data. Trust in the system, a user-friendly interface, and clear instructions are crucial factors influencing user acceptance. Healthcare systems face unique challenges, including hygiene concerns, ease of use for elderly or disabled patients, and adherence to privacy and security regulations. User acceptance in healthcare settings is influenced by these factors, along with overall system reliability. In travel and border control, biometric authentication, particularly facial recognition, is gaining popularity for identity verification and immigration processes. User acceptance is influenced by factors such as accuracy, speed, and perceived effectiveness in enhancing security and reducing queues. Privacy concerns and data protection policies also play a role in shaping user acceptance

Risk estimation for a secure and usable user authentication mechanism for mobile passenger ID devices

User Authentication in mobile devices acts as a first line of defense verifying the user's identity to allow access to the resources of a device and typically was based on “something the user knows”, known also as knowledge-based user authentication for several decades. However, recent studies point out that although knowledge-based user authentication has been the most popular for authenticating an individual, nowadays it is no more considered secure and convenient for the mobile user as it is imposing several limitations in terms of security and usability. These limitations stress the need for the development and implementation of more secure and usable user authentication methods. Toward this direction, user authentication based on the “something the user is” has caught the attention. This category includes authentication methods which make use of human physical characteristics (also referred to as physiological biometrics), or involuntary actions (also referred to as behavioral biometrics). In particular, risk-based user authentication based on behavioral biometrics appears to have the potential to increase the reliability of authentication without sacrificing usability. In this context, we focus on the estimation of the risk score, in a continuous mode, of the risk-based user authentication mechanism that we have proposed in our previous work for mobile passenger identification (ID) devices for land/sea border control

User authentication and authorization for next generation mobile passenger ID devices for land and sea border control

Despite the significant economic benefits derived from the continuously increasing number of visitors entering the European Union through land-border crossing points or sea ports, novel solutions, such as next generation mobile devices for passenger identification for land and sea border control, are required to promote the comfort of passengers. However, the highly sensitive information handled by these devices makes them an attractive target for attackers. Therefore, strong user authentication and authorization mechanisms are required. Towards this direction, we provide an overview of user authentication and authorization requirements for this new type of devices based on the NIST Special Publication 500-280v2.1

Risk-based user authentication for mobile passenger ID devices for land and sea border control

Although the continuously increasing number of visitors entering the European Union through land-border crossing points or seaports brings tremendous economic benefits, novel border control solutions, such as mobile devices for passenger identification for land and sea border control, are essential to promote further the comfort of passengers. Nevertheless, the highly sensitive information handled by this type of devices makes them an attractive target for malicious actors. Therefore, novel secure and usable user authentication mechanisms are required to increase the level of security of this kind of devices without interrupting border control activities. Towards this direction, we, firstly, discuss risk-based authentication for mobile devices as a suitable approach to deal with the security vs. usability challenge. Besides that, an overview of existing risk estimation approaches – both qualitative and quantitative – is given to provide a foundation for organizing research efforts towards the design and development of proper risk estimation mechanisms for risk-based user authentication for mobile passenger identification devices used by border control officers at land and sea borders

A web-based mouse dynamics visualization tool for user attribution in digital forensic readiness

The Integration of mouse dynamics in user authentication and authorization has gained wider research attention in the security domain, specifically for user identification. However, same cannot be said for user identification from the forensic perspective. As a step in this direction, this paper proposes a mouse behavioral dynamics visualization tool which can be used in a forensic process. The developed tool was used to evaluate human behavioral consistency on several news-related web pages. The result presents promising research tendency which can be reliably applied as a user attribution mechanism in a digital forensic readiness process.http://www.springer.com/series/8197hj2018Computer Scienc

SIPBIO : biometrics SIP extension

During the last few decades biometric technologies have become an important research field in computer security. Their deployment, however, in heterogeneous enterprise systems, is complex due to the lack of standardisation. Session Initiation Protocol (SIP) is a popular communication protocol widely used in voice over Internet protocol networks; due to its flexibility, SIP has been broadly adopted in telecommunications for carrier level and telephony systems. This thesis proposes the use of SIPBIO, an extension to SIP, to establish and control multimedia sessions for biometric interactions. For biometric usage in telecommunications networks, a synthesis of techniques to use human characteristics as challenge tokens for access to network resources is first presented. An overview of the SIP protocol is then exposed, by focusing on understanding SIP messages and their component elements. Posteriorly, advanced concepts, such as extensions to the default protocol are introduced. After the technology background review, the core of the proposal is presented with extensive use-case scenarios of biometric operations and the introduction of necessary SIPBIO requirements. Formal processes are defined along with the method to extend SIP to the proposed SIPBIO protocol. It follows a detailed outline of all headers and body components that give form to SIPBIO and define its nature. These stages provide the fundamentals for the protocol implementation. Finally, simulations of some common cases are presented to show the feasibility of SIPBIO. This can be used as a sample flow for full implementations and applications. This thesis corroborates the viability of using a SIP-based protocol for establishing, maintaining and tearing down biometric multimedia sessions