Gutmann, Andreas ; Renaud, Karen ; Volkamer, Melanie (2015)
Nudging Bank Account Holders Towards More Secure PIN Management.
doi: 10.20533/jitst.2046.3723.2015.0049
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
The memorability of PINs is an enduring security issue. This is especially pertinent in the context of banking, where technical systems evolve more slowly than in other contexts (e.g. many mobile phone operating systems have adopted alternative authentication mechanisms). Banking customers who struggle to memorise all their PINs often record them, sometimes insecurely, flying in the face of advice from their banks. Banks respond to memorisation difficulties by permitting customers to change their PINs. The reality is that both recording and changing unwittingly weakens the mechanism by increasing predictability. Yet trying to forbid these coping strategies is futile. It is far better to acknowledge the prevalence of such behaviours and to try to nudge people towards more secure PIN management. In this paper, we suggest a way of achieving this.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2015 |
| Autor(en): | Gutmann, Andreas ; Renaud, Karen ; Volkamer, Melanie |
| Art des Eintrags: | Bibliographie |
| Titel: | Nudging Bank Account Holders Towards More Secure PIN Management |
| Sprache: | Englisch |
| Publikationsjahr: | Juni 2015 |
| Verlag: | Infonomics Society |
| Buchtitel: | Journal of Internet Technology and Secured Transaction (JITST) |
| Band einer Reihe: | 4 |
| DOI: | 10.20533/jitst.2046.3723.2015.0049 |
| Kurzbeschreibung (Abstract): | The memorability of PINs is an enduring security issue. This is especially pertinent in the context of banking, where technical systems evolve more slowly than in other contexts (e.g. many mobile phone operating systems have adopted alternative authentication mechanisms). Banking customers who struggle to memorise all their PINs often record them, sometimes insecurely, flying in the face of advice from their banks. Banks respond to memorisation difficulties by permitting customers to change their PINs. The reality is that both recording and changing unwittingly weakens the mechanism by increasing predictability. Yet trying to forbid these coping strategies is futile. It is far better to acknowledge the prevalence of such behaviours and to try to nudge people towards more secure PIN management. In this paper, we suggest a way of achieving this. |
| Freie Schlagworte: | Security, Usability and Society |
| ID-Nummer: | TUD-CS-2016-0017 |
| Fachbereich(e)/-gebiet(e): | LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt 20 Fachbereich Informatik > SECUSO - Security, Usability and Society 20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra Profilbereiche > Cybersicherheit (CYSEC) LOEWE > LOEWE-Zentren 20 Fachbereich Informatik Profilbereiche LOEWE |
| Hinterlegungsdatum: | 28 Jul 2016 18:35 |
| Letzte Änderung: | 17 Mai 2018 13:02 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum