User-friendly password methods for computer-mediated information systems
Computers and Security
Cognitive passwords: the key to easy access control
Computers and Security
Communications of the ACM
Password security: a case history
Communications of the ACM
Pretty good persuasion: a first step towards effective password security in the real world
Proceedings of the 2001 workshop on New security paradigms
Usability and biometric verification at the ATM interface
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Moving from the design of usable security technologies to the design of useful secure applications
Proceedings of the 2002 workshop on New security paradigms
The domino effect of password reuse
Communications of the ACM - Human-computer etiquette
Customers, Passwords, and Web Sites
IEEE Security and Privacy
Discovering Statistics Using SPSS
Discovering Statistics Using SPSS
Two-factor authentication: too little, too late
Communications of the ACM - Transforming China
Building security and trust in online banking
CHI '05 Extended Abstracts on Human Factors in Computing Systems
A convenient method for securely managing passwords
WWW '05 Proceedings of the 14th international conference on World Wide Web
The TIPPI Point: Toward Trustworthy Interfaces
IEEE Security and Privacy
Case Study: Online Banking Security
IEEE Security and Privacy
Secure Internet Banking Authentication
IEEE Security and Privacy
Security and usability: the case of the user authentication methods
IHM '06 Proceedings of the 18th International Conferenceof the Association Francophone d'Interaction Homme-Machine
Password management strategies for online accounts
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Password security: an empirical study
Journal of Management Information Systems
Usability evaluation of multi-modal biometric verification systems
Interacting with Computers
Functionality and usability in design for eStatements in eBanking services
Interacting with Computers
AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
Using and managing multiple passwords: A week to a view
Interacting with Computers
A field study of user behavior and perceptions in smartcard authentication
INTERACT'11 Proceedings of the 13th IFIP TC 13 international conference on Human-computer interaction - Volume Part IV
Human-computer interaction for security research: the case of EU E-banking systems
INTERACT'11 Proceedings of the 13th IFIP TC 13 international conference on Human-computer interaction - Volume Part IV
A Usability Comparison of SMS and IVR as Digital Banking Channels
International Journal of Technology and Human Interaction
International Journal of Technology and Human Interaction
An Expert Panel Approach on Developing a Unified System Authentication Benchmarking Index
International Journal of Interdisciplinary Telecommunications and Networking
Hi-index | 0.01 |
Multi-factor authentication involves the use of more than one mode in authentication processes and is typically employed to increase security compared to a fixed password (knowledge-based mode). This research compared three different eBanking authentication processes, a two-layer password (1-factor) method and two alternative 2-factor solutions. The 2-factor processes used One-Time-Passcodes (OTPs) delivered either via a small, single-use device or by text message to a mobile phone. The three authentication methods were compared in a repeated-measures experiment with 141 participants. Three user groups were balanced in the experiment to investigate the effect of experience (current users of the service) on perceptions of usability and security. Attitudes toward usability and observations were taken for each process. Other data gathered quality ratings, preferences and ranked comparisons regarding convenience and security issues. Both 2-factor methods scored significantly higher than the 1-factor method for eBanking authentication usability metrics overall, but experienced users gave higher scores to the 1-factor method they currently use. Overall preferences were spread evenly between the three methods. However, the majority of the participant sample perceived the 1-factor method they had most experience with as being the most secure and most convenient option. The results offer insight into customer attitudes important in their selection of authentication options: convenience, personal ownership and habitual experience of processes.