research-article

On the need for different security methods on mobile phones

Authors:

Noam Ben-Asher,

Niklas Kirschnick,

Sebastian MöllerAuthors Info & Claims

MobileHCI '11: Proceedings of the 13th International Conference on Human Computer Interaction with Mobile Devices and Services

Pages 465 - 473

https://doi.org/10.1145/2037373.2037442

Published: 30 August 2011 Publication History

Abstract

Mobile phones are rapidly becoming small-size general purpose computers, so-called smartphones. However, applications and data stored on mobile phones are less protected from unauthorized access than on most desktop and mobile computers. This paper presents a survey on users' security needs, awareness and concerns in the context of mobile phones. It also evaluates acceptance and perceived protection of existing and novel authentication methods. The responses from 465 participants reveal that users are interested in increased security and data protection. The current protection by using PIN (Personal Identification Number) is perceived as neither adequate nor convenient in all cases. The sensitivity of data stored on the devices varies depending on the data type and the context of use, asking for the need for another level of protection. According to these findings, a two-level security model for mobile phones is proposed. The model provides differential data and service protection by utilizing existing capabilities of a mobile phone for authenticating users.

References

[1]

Ben-Asher, N., Ben-Oved, A., Meyer, J.: Preliminary survey results --- project "Graded Security for Mobiles". Deutsche Telekom Laboratories 2009

[2]

Botha, R., Furnell, S., and Clarke, N.: From desktop to mobile: Examining the security experience. Computers & Security, 28(3--4):130--137, 2009.

[3]

Braz, C., and Robert, J.: Security and usability: the case of the user authentication methods. Proceedings of the 18th International Conference of the Association Francophone d'Interaction Homme-Machine, page 203. ACM, 2006.

Digital Library

[4]

Clarke, N., and Furnell, S.: Authentication of users on mobile telephones --- A survey of attitudes and practices. Computers & Security, 24(7):519--527, 2005.

Digital Library

[5]

Clarke, N., and Furnell, S.: Advanced user authentication for mobile devices. Computers & Security, 26(2):109--119, 2007.

Digital Library

[6]

Clarke, N., Furnell, S., Rodwell, P., and Reynolds P.: Acceptance of subscriber authentication methods for mobile telephony devices. Computers & Security, 21(3):220--228, 2002.

Digital Library

[7]

Clarke, N., Furnell, S., Reynolds P.: Biometric authentication for mobile devices. In: Proceedings of the 3rd Australian Information Warfare and Security Conference, Perth, Western Australia, 28--29 November 2002

[8]

Dörflinger, T., Voth, A., Krämer, J.: "My Smartphone is a Safe!" The user's point of view regarding novel authentication methods and gradual security levels on smartphones. The International Conference on Security and Cryptography (SECRYPT) 2010, July 26--28, Athens, Greece

[9]

Furnell, S., Clarke, N., and Karatzouni, S.: Beyond the pin: Enhancing user authentication for mobile devices. Computer Fraud & Security, 2008(8):12--17, 2008.

[10]

IDC: IDC press release from 28 Jan 2010 at www.idc.com/getdoc.jsp?containerId= prUS22186410

[11]

Imperva Application Defense Center: Consumer Password Worst Practices. Imperva 2010 at www.imperva.com/docs/WP_Consumer_Password_Worst_Practices.pdf

[12]

Jain, A. K., Flynn, P., Ross, A. A. (eds.): Handbook of Biometrics. Springer (2008)

Digital Library

[13]

Karlson, A., Brush, A., and Schechter, S.: Can I borrow your phone?: Understanding concerns when sharing mobile phones. Proceedings of the 27thinternational conference on Human factors in computing systems, pages 1647--1650. ACM New York, NY, USA, 2009.

Digital Library

[14]

Kowalski, S. and Goldstein, M.: Consumers' Awareness of, Attitudes Towards and Adoption of Mobile Phone Security. Human Factors in Telecommunication (HFT) 06, 2006.

[15]

Leavitt, N.: Mobile phones: The next frontier for hackers. IEEE Computer, 38(4): 20--23, 2005.

Digital Library

[16]

McAfee, I.: Mobile Security Report 2009. Technical report, McAfee, 2009.

[17]

Richardson, R.: CSI computer crime and security survey. Computer Security Institute, 2009.

[18]

Riley, S.: Password security: what users know and what they actually do. Usability News, 8(1), 2006.

[19]

Samarati, P. and De Capitani di Vimercati, S.: Access control: Policies, models, and mechanisms. Lecture Notes in Computer Science, pages 137--196, 2001.

[20]

Samuelson, W. and Zeckhauser, R.: Status quo bias in decision making. Journal of risk and uncertainty, 1(1):7--59, 1988.

[21]

Shaw, K.: Data on PDAs mostly unprotected, survey finds. World Wide Web electronic publication, 2004.

[22]

Sieger, H., Kirschnick, N., Möller, S.: Poster: User preferences for biometric authentication methods and graded security on mobile phones. Symposium on Usability, Privacy, and Security (SOUPS) 2010

[23]

Siponen, M.: A conceptual foundation for organizational information security awareness. Information Management and Computer Security, 8(1):31--41, 2000.

[24]

Tognazzini, B.: Design for Usability. Cranor, L. F., Garfinkel, S. (eds.): Security and Usability. Designing Secure Systems That People Can Use. O'Reilly (2005)

[25]

Examined websites (as of early February 2011): Apple, Inc.: www.apple.com, LG Electronics, Inc.: www.lge.com, Motorola, Inc.: www.motorola.com, Nokia Corp.: www.nokia.com, Research in Motion Ltd.: www.rim.com, Samsung Electronics Co. Ltd.: www.samsumg.com, Sony Ericsson Mobile Communications AB: www.sonyericsson.com

Cited By

Yıldırım MDemirer V(2024)A Scale Development and Application Study on Smartphone Security AwarenessGazi University Journal of Science10.35378/gujs.142798437:4(1691-1705)Online publication date: 1-Dec-2024
https://doi.org/10.35378/gujs.1427984
Mahpar NJamaludin NAhmad Jamil NShuib N(2024)Effects of Age and Mobile Technology Usage on Employee EngagementEnvironment-Behaviour Proceedings Journal10.21834/e-bpj.v9iSI17.54549:SI17(479-484)Online publication date: 7-Jan-2024
https://doi.org/10.21834/e-bpj.v9iSI17.5454
Park SKim H(2024)Extracting product design guidance from online reviews: An explainable neural network-based approachExpert Systems with Applications10.1016/j.eswa.2023.121357236(121357)Online publication date: Feb-2024
https://doi.org/10.1016/j.eswa.2023.121357
Show More Cited By

Index Terms

On the need for different security methods on mobile phones
1. Information systems
  1. Information systems applications
2. Security and privacy
  1. Security services
    1. Access control
    2. Authentication
  2. Systems security
    1. Operating systems security

Recommendations

Differences in users' state of awareness and practices regarding mobile phones security among EU countries
CIT'11: Proceedings of the 5th WSEAS international conference on Communications and information technology

As a style statement and useful communication device, the mobile phone has become a vital part of daily life for the majority of population in the developed world. While we are enjoying the technological advances that mobile phones offer, we are also ...
Playing different games on different phones: an empirical study on mobile gaming
MobileHCI '08: Proceedings of the 10th international conference on Human computer interaction with mobile devices and services

With the growing popularity of mobile phone gaming, design issues with mobile phone games have become more important. Given the complexity of designing games for mobile phones, game developers must understand how mobile phone users' gaming experiences ...
A Survey on Multi-Factor Authentication Methods for Mobile Devices
ICSIM '21: Proceedings of the 2021 4th International Conference on Software Engineering and Information Management

The use of mobile devices worldwide has been on the increase. More and more people are using mobile devices to carry out activities on the Internet. The activities include checking emails, online banking, school, and work activities. However, mobile ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

MobileHCI '11: Proceedings of the 13th International Conference on Human Computer Interaction with Mobile Devices and Services

August 2011

781 pages

ISBN:9781450305419

DOI:10.1145/2037373

General Chair:
Markus Bylund
Swedish INstitute of Computer Science (SICS)
,
Program Chairs:
Oskar Juhlin
Mobile Life Centre, Stockholm University
,
Ylva Fernaeus
Mobile Life Centre, SICS

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Nokia
Swedish Institute of Computer Science: Swedish Institute of Computer Science
ERICSSON

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 August 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

MobileHCI '11

Sponsor:

Swedish Institute of Computer Science

MobileHCI '11: 13th International Conference on Human Computer Interaction with Mobile Devices and Services

August 30 - September 2, 2011

Stockholm, Sweden

Acceptance Rates

Overall Acceptance Rate 202 of 906 submissions, 22%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

86
Total Citations
View Citations
2,633
Total Downloads

Downloads (Last 12 months)41
Downloads (Last 6 weeks)2

Reflects downloads up to 17 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Yıldırım MDemirer V(2024)A Scale Development and Application Study on Smartphone Security AwarenessGazi University Journal of Science10.35378/gujs.142798437:4(1691-1705)Online publication date: 1-Dec-2024
https://doi.org/10.35378/gujs.1427984
Mahpar NJamaludin NAhmad Jamil NShuib N(2024)Effects of Age and Mobile Technology Usage on Employee EngagementEnvironment-Behaviour Proceedings Journal10.21834/e-bpj.v9iSI17.54549:SI17(479-484)Online publication date: 7-Jan-2024
https://doi.org/10.21834/e-bpj.v9iSI17.5454
Park SKim H(2024)Extracting product design guidance from online reviews: An explainable neural network-based approachExpert Systems with Applications10.1016/j.eswa.2023.121357236(121357)Online publication date: Feb-2024
https://doi.org/10.1016/j.eswa.2023.121357
Tomáš Doseděl Marcela Petrová Kafková Lucie Vidovićová (2023)Age and gender difference in ICT literacy and biometrics knowledgeSociální studia / Social Studies10.5817/SOC2022-2129120:1Online publication date: 2-Aug-2023
https://doi.org/10.5817/SOC2022-21291
Ashraf ATaha Ul Habib Bajwa NKönig CJaved MMustafa MKelley PKapadia A(2023)"Stalking is immoral but not illegal"Proceedings of the Nineteenth USENIX Conference on Usable Privacy and Security10.5555/3632186.3632189(37-56)Online publication date: 7-Aug-2023
https://dl.acm.org/doi/10.5555/3632186.3632189
Paudel RDumaru PShrestha AKocabas HAl-Ameen M(2023)A Deep Dive into User's Preferences and Behavior around Mobile Phone SharingProceedings of the ACM on Human-Computer Interaction10.1145/35795957:CSCW1(1-22)Online publication date: 16-Apr-2023
https://dl.acm.org/doi/10.1145/3579595
Mangano GFerrari ARafele CVezzetti EMarcolin F(2023)Willingness of sharing facial data for emotion recognition: a case study in the insurance marketAI & SOCIETY10.1007/s00146-023-01690-539:5(2373-2384)Online publication date: 28-May-2023
https://doi.org/10.1007/s00146-023-01690-5
Naveed SNaveed HJaved MMustafa M(2022)”Ask this from the person who has private stuff”: Privacy Perceptions, Behaviours and Beliefs Beyond W.E.I.R.DProceedings of the 2022 CHI Conference on Human Factors in Computing Systems10.1145/3491102.3501883(1-17)Online publication date: 29-Apr-2022
https://dl.acm.org/doi/10.1145/3491102.3501883
Singh SKant C(2021)Biometric Systems in Mobile DevicesResearch Anthology on Securing Mobile Technologies and Applications10.4018/978-1-7998-8545-0.ch023(426-433)Online publication date: 2021
https://doi.org/10.4018/978-1-7998-8545-0.ch023
Pshehotskaya EMikhalsky O(2021)Theft Preventive Measures for Interconnected Personal Computer Devices as Proactive Physical Security of DataResearch Anthology on Securing Mobile Technologies and Applications10.4018/978-1-7998-8545-0.ch018(337-352)Online publication date: 2021
https://doi.org/10.4018/978-1-7998-8545-0.ch018
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten