Reconciling usability and security: Interaction design guidance and practices for on-line user authentication

Michael Lang

doi:10.1007/978-1-4419-9790-6_32

Reconciling usability and security: Interaction design guidance and practices for on-line user authentication

Michael Lang

National University of Ireland

Research output: Chapter in Book or Conference Publication/Proceeding › Conference Publication › peer-review

Abstract

Usability and security are often portrayed as though they are competing priorities in information systems development. Given that both are essential to the design of an effective system, it is important that these two prerogatives should be reconciled. In recent years, there is growing concern with the rising incidence of on-line impersonation, theft and other types of fraud. It is therefore important that an information system must have a secure and rigorous way of authenticating a user's identity. This paper reviews the sources of literature on interactive design guidance for on-line user authentication, and then compares the actual practices of a purposefully selected sample of twelveWebsites against the recommendations from the literature. Alarmingly, the findings of this study are that manyWebsites have user authentication processes which contain basic design flaws that are potentially open to exploitation by Internet criminals.

Original language	English
Title of host publication	Information Systems Development - Business Systems and Services
Subtitle of host publication	Modeling and Development
Pages	397-416
Number of pages	20
DOIs	https://doi.org/10.1007/978-1-4419-9790-6_32
Publication status	Published - 2011
Externally published	Yes
Event	19th International Conference on Information Systems Development, ISD 2010 - Prague, Czech Republic Duration: 25 Aug 2010 → 27 Aug 2010

Publication series

Name	Information Systems Development - Business Systems and Services: Modeling and Development

Conference

Conference	19th International Conference on Information Systems Development, ISD 2010
Country/Territory	Czech Republic
City	Prague
Period	25/08/10 → 27/08/10

Access to Document

10.1007/978-1-4419-9790-6_32

Cite this

Lang, M. (2011). Reconciling usability and security: Interaction design guidance and practices for on-line user authentication. In Information Systems Development - Business Systems and Services: Modeling and Development (pp. 397-416). (Information Systems Development - Business Systems and Services: Modeling and Development). https://doi.org/10.1007/978-1-4419-9790-6_32

@inproceedings{1ac2e9d0767c4aea9aa7db8390dedc8f,

title = "Reconciling usability and security: Interaction design guidance and practices for on-line user authentication",

abstract = "Usability and security are often portrayed as though they are competing priorities in information systems development. Given that both are essential to the design of an effective system, it is important that these two prerogatives should be reconciled. In recent years, there is growing concern with the rising incidence of on-line impersonation, theft and other types of fraud. It is therefore important that an information system must have a secure and rigorous way of authenticating a user's identity. This paper reviews the sources of literature on interactive design guidance for on-line user authentication, and then compares the actual practices of a purposefully selected sample of twelveWebsites against the recommendations from the literature. Alarmingly, the findings of this study are that manyWebsites have user authentication processes which contain basic design flaws that are potentially open to exploitation by Internet criminals.",

author = "Michael Lang",

year = "2011",

doi = "10.1007/978-1-4419-9790-6\_32",

language = "English",

isbn = "9781441996459",

series = "Information Systems Development - Business Systems and Services: Modeling and Development",

pages = "397--416",

booktitle = "Information Systems Development - Business Systems and Services",

note = "19th International Conference on Information Systems Development, ISD 2010 ; Conference date: 25-08-2010 Through 27-08-2010",

}

Lang, M 2011, Reconciling usability and security: Interaction design guidance and practices for on-line user authentication. in Information Systems Development - Business Systems and Services: Modeling and Development. Information Systems Development - Business Systems and Services: Modeling and Development, pp. 397-416, 19th International Conference on Information Systems Development, ISD 2010, Prague, Czech Republic, 25/08/10. https://doi.org/10.1007/978-1-4419-9790-6_32

Reconciling usability and security: Interaction design guidance and practices for on-line user authentication. / Lang, Michael.
Information Systems Development - Business Systems and Services: Modeling and Development. 2011. p. 397-416 (Information Systems Development - Business Systems and Services: Modeling and Development).

Research output: Chapter in Book or Conference Publication/Proceeding › Conference Publication › peer-review

TY - GEN

T1 - Reconciling usability and security

T2 - 19th International Conference on Information Systems Development, ISD 2010

AU - Lang, Michael

PY - 2011

Y1 - 2011

N2 - Usability and security are often portrayed as though they are competing priorities in information systems development. Given that both are essential to the design of an effective system, it is important that these two prerogatives should be reconciled. In recent years, there is growing concern with the rising incidence of on-line impersonation, theft and other types of fraud. It is therefore important that an information system must have a secure and rigorous way of authenticating a user's identity. This paper reviews the sources of literature on interactive design guidance for on-line user authentication, and then compares the actual practices of a purposefully selected sample of twelveWebsites against the recommendations from the literature. Alarmingly, the findings of this study are that manyWebsites have user authentication processes which contain basic design flaws that are potentially open to exploitation by Internet criminals.

AB - Usability and security are often portrayed as though they are competing priorities in information systems development. Given that both are essential to the design of an effective system, it is important that these two prerogatives should be reconciled. In recent years, there is growing concern with the rising incidence of on-line impersonation, theft and other types of fraud. It is therefore important that an information system must have a secure and rigorous way of authenticating a user's identity. This paper reviews the sources of literature on interactive design guidance for on-line user authentication, and then compares the actual practices of a purposefully selected sample of twelveWebsites against the recommendations from the literature. Alarmingly, the findings of this study are that manyWebsites have user authentication processes which contain basic design flaws that are potentially open to exploitation by Internet criminals.

UR - https://www.scopus.com/pages/publications/84881454850

U2 - 10.1007/978-1-4419-9790-6_32

DO - 10.1007/978-1-4419-9790-6_32

M3 - Conference Publication

AN - SCOPUS:84881454850

SN - 9781441996459

T3 - Information Systems Development - Business Systems and Services: Modeling and Development

SP - 397

EP - 416

BT - Information Systems Development - Business Systems and Services

Y2 - 25 August 2010 through 27 August 2010

ER -

Reconciling usability and security: Interaction design guidance and practices for on-line user authentication

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this