TU Darmstadt / ULB / TUbiblio

FIDO2 the Rescue? Platform vs. Roaming Authentication on Smartphones

Würsching, Leon ; Putz, Florentin ; Haesler, Steffen ; Hollick, Matthias (2023)
FIDO2 the Rescue? Platform vs. Roaming Authentication on Smartphones.
ACM 2023 CHI Conference on Human Factors in Computing Systems. Hamburg, Germany (23.-28.04.2023)
doi: 10.1145/3544548.3580993
Conference or Workshop Item, Bibliographie

Abstract

Modern smartphones support FIDO2 passwordless authentication using either external security keys or internal biometric authentication, but it is unclear whether users appreciate and accept these new forms of web authentication for their own accounts. We present the first lab study (N=87) comparing platform and roaming authentication on smartphones, determining the practical strengths and weaknesses of FIDO2 as perceived by users in a mobile scenario. Most participants were willing to adopt passwordless authentication during our in-person user study, but closer analysis shows that participants prioritize usability, security, and availability differently depending on the account type. We identify remaining adoption barriers that prevent FIDO2 from succeeding password authentication, such as missing support for contemporary usage patterns, including account delegation and usage on multiple clients.

Item Type: Conference or Workshop Item
Erschienen: 2023
Creators: Würsching, Leon ; Putz, Florentin ; Haesler, Steffen ; Hollick, Matthias
Type of entry: Bibliographie
Title: FIDO2 the Rescue? Platform vs. Roaming Authentication on Smartphones
Language: English
Date: 19 April 2023
Publisher: ACM
Book Title: CHI '23: Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems
Event Title: ACM 2023 CHI Conference on Human Factors in Computing Systems
Event Location: Hamburg, Germany
Event Dates: 23.-28.04.2023
DOI: 10.1145/3544548.3580993
Corresponding Links:
Abstract:

Modern smartphones support FIDO2 passwordless authentication using either external security keys or internal biometric authentication, but it is unclear whether users appreciate and accept these new forms of web authentication for their own accounts. We present the first lab study (N=87) comparing platform and roaming authentication on smartphones, determining the practical strengths and weaknesses of FIDO2 as perceived by users in a mobile scenario. Most participants were willing to adopt passwordless authentication during our in-person user study, but closer analysis shows that participants prioritize usability, security, and availability differently depending on the account type. We identify remaining adoption barriers that prevent FIDO2 from succeeding password authentication, such as missing support for contemporary usage patterns, including account delegation and usage on multiple clients.

Uncontrolled Keywords: emergenCITY_KOM, emergenCITY
Additional Information:

Art.No.: 68

Divisions: 20 Department of Computer Science
20 Department of Computer Science > Sichere Mobile Netze
LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > emergenCITY
Date Deposited: 30 Mar 2023 08:56
Last Modified: 20 Apr 2023 10:40
PPN:
Corresponding Links:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details