Continuous implicit authentication mechanisms verify usersover time. In case the device’s confidence level (DCL) is toolow, the user is prompted with a re-authentication request,which has been shown to annoy many users due to its unpredictable nature. We address this with a novel approach toenable users to anticipate the need for re-authentication withtwo indicators: (1) a long term indicator shows the currentDCL and its development over time, and (2) a short term indicator announces that re-authentication is imminent. In bothcases voluntary re-authentication allows the DCL to be raisedand a device lock to be avoided. We tested the indicators ina four week field study (N=32). Our results show that both
indicators were preferred over giving no indication and thatimportance and sensitivity of the interrupted task have a strongimpact on user annoyance. Voluntary re-authentications wereperceived as positive.

Publikation

Lukas Mecke, Sarah Delgado Rodriguez, Daniel Buschek, Sarah Prange and Florian Alt.Communicating Device Confidence Level and Upcoming Re-Authentications in Continuous Authentication Systems on Mobile Devices.In Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019). USENIX Association, Santa Clara, CA.[Download Bibtex][Video of the Presentation]