(2021) Exploring Authentication for Security-Sensitive Tasks on Smart Home Voice Assistants.
|
Text
Exploring_Authentication_for_Security_Sensitive_Tasks_on_Smart_Home_Voice_Assistants__SOUPS_2021_.pdf Download (1MB) | Preview |
Abstract
Smart home assistants such as Amazon Alexa and Google Home are primarily used for day-to-day tasks like checking the weather or controlling other IoT devices. Security-sensitive use cases such as online banking and voice-controlled door locks are already available and are expected to become more popular in the future. However, the current state-of-the-art authentication for smart home assistants consists of users saying low-security PINs aloud, which does not meet the security requirements of security-sensitive tasks. Therefore, we explore the design space for future authentication mechanisms. We conducted semi-structured interviews with N = 16 Alexa-users incorporating four high-risk scenarios. Using these scenarios, we explored perceived risks, mitigation strategies, and design-aspects to create secure experiences. Among other things, we found that participants are primarily concerned about eavesdropping bystanders, do not trust voice-based PINs, and would prefer trustworthy voice recognition. Our results also suggest that they have context-dependent (location and bystanders) requirements for smart home assistant authentication. Based on our findings, we construct design recommendations to inform the design of future authentication mechanisms.
| Item Type: | Conference or Workshop Item (A Paper) (Paper) |
|---|---|
| Divisions: | Katharina Krombholz (Human-Oriented Security, HOS) |
| Conference: | SOUPS Symposium On Usable Privacy and Security |
| Depositing User: | Matthias Fassl |
| Date Deposited: | 10 Jun 2021 12:25 |
| Last Modified: | 10 Jun 2021 12:25 |
| Primary Research Area: | NRA5: Empirical & Behavioral Security |
| URI: | https://publications.cispa.saarland/id/eprint/3433 |
Actions
Actions (login required)
 |
View Item |