Exploring Website Location as a Security Indicator
Abstract
Authenticating websites is an ongoing problem for users. Recent proposals have suggested strengthening current server authentication methods by incorporating website location as a comprehensible additional trust factor. In this work, we explore users' acceptance of location information and how it affects decision-making for security and privacy. We conducted a series of qualitative interviews to learn how location can be integrated into users' decision-making for security, and we designed a security indicator to alert the user to changes in website locations. We evaluated our tool in a 44-participant user study and found that users were less likely to perform security-sensitive tasks when alerted to location changes. Our results suggest that website location can be used as an effective indicator for users' security assessments.
- Publication:
-
arXiv e-prints
- Pub Date:
- October 2016
- DOI:
- 10.48550/arXiv.1610.03647
- arXiv:
- arXiv:1610.03647
- Bibcode:
- 2016arXiv161003647Y
- Keywords:
-
- Computer Science - Cryptography and Security;
- Computer Science - Computers and Society
- E-Print:
- 13 pages, 4 figures, 7 tables. Published at the 2018 NDSS Workshop on Usable Security (USEC)