Engineers at University of Washington in Seattle and Texas State University in San Marcos found eye-tracking can be an acceptable alternative to passwords for computer authentication if it can be made easy for users. The research team led by Washington’s Cecilia Aragon presented its findings last month at a meeting of the International Association for Pattern Recognition in Madrid, Spain.
Aragon, with Washington colleague Michael Brooks and Texas State’s Oleg Komogortsev, sought to discover why biometric technologies are not progressing faster to authenticate users of computer systems when they log on. Aragon’s research is in human-centered design and engineering, and approached the issue from the standpoint of the user’s experiences.
The researchers designed a technique for biometric authentication that identifies people based on their eye movements, and tested the technique to get feedback on usability and perceived security. The technology they devised has a tracking device that picks up the unique way each person’s eye moves. The device uses infrared light that reflects off the surface of the eyeball back to a camera when a user’s eye is following a dot or words on a screen.
The study asked participants to simulate making cash withdrawals from an ATM, a familiar financial exercise requiring authentication, and one where most ATMs have cameras installed for security. In addition to an eye-tracking device presented as a game, the mock ATMs also had the standard four-character PIN code and a reading exercise that follows a user’s eyes as they move past each word.
Interviewed after the exercise, the 22 participants — mainly students — rated the standard PIN highest for speed and user-friendliness, but the eye-tracking system, packaged as a game, was not far behind and did not take as long as the reading exercise. The interviews also showed, however, that participants do not trust PIN systems in most ATMs.
In a separate trial during the study, Aragon and colleagues caused the eye-tracking device to deliberately not recognize users, and participants lost trust in the technology as a result. The error messages and directions provided to the users, say the researchers, were important to making the system usable.
Read more:
- Weaknesses Found in Online Banking, Facebook Security
- Personal Genetic Information Vulnerabilty Exposed
- Color X-Ray System Devised for Health, Security, Industry
- Challenge Seeks Smartphone GPS Jamming Detector
- National Lab Builds Android Network for Security Simulations
* * *
You must be logged in to post a comment.