SecuriCast: Zero-touch two-factor authentication using WebBluetooth

Thomas Dressel, Eik List, Florian Echtler

Research output: Contribution to book/anthology/report/conference proceedingArticle in proceedingResearchpeer-review

1 Citation (Scopus)

Abstract

Simple username/password logins are widely used on the web, but are susceptible to multiple security issues, such as database leaks, phishing, and password re-use. Two-factor authentication is one way to mitigate these issues, but suffers from low user acceptance due to (perceived) additional effort. We introduce SecuriCast, a method to provide two-factor authentication using WebBluetooth as a secondary channel between an unmodified web browser and the user's smart-phone. Depending on the usage scenario and the desired level of security, no device switch and only minimal additional interaction is required from the user. We analyse SecuriCast based on the framework by Bonneau et al., briefly report on results from a user study with 30 participants demonstrating performance and perceived usability of SecuriCast, and discuss possible attack scenarios and extensions.
Original languageEnglish
Title of host publicationProceedings of the ACM SIGCHI Symposium on Engineering Interactive Computing Systems, EICS 2019
PublisherAssociation for Computing Machinery
Publication date18 Jun 2019
Article number3328225
ISBN (Electronic)9781450367455
DOIs
Publication statusPublished - 18 Jun 2019
Externally publishedYes
Event11th ACM SIGCHI Symposium on Engineering Interactive Computing Systems, EICS 2019 - Valencia, Spain
Duration: 18 Jun 201921 Jun 2019

Conference

Conference11th ACM SIGCHI Symposium on Engineering Interactive Computing Systems, EICS 2019
Country/TerritorySpain
CityValencia
Period18/06/201921/06/2019
SponsorACM Special Interest Group on Computer-Human Interaction (SIGCHI)
SeriesProceedings of the ACM SIGCHI Symposium on Engineering Interactive Computing Systems, EICS 2019

Keywords

  • Bluetooth low energy
  • BTLE
  • Smartphone
  • Smartwatch
  • TFA
  • Two-factor authentication
  • WebBluetooth

Fingerprint

Dive into the research topics of 'SecuriCast: Zero-touch two-factor authentication using WebBluetooth'. Together they form a unique fingerprint.

Cite this