InfoSec Seminar: Dr Simon Park and Dr Tristan Caulfield

Speaker: Dr Simon Park and Dr Tristan Caulfield
UCL Contact: Jonathan Bootle (Visitors from outside UCL please email in advance).
Date/Time: 11 Feb 16, 16:00 - 17:00
Venue: Roberts 110

Abstract

Dr Simon Parkin: Better the Devil You Know: A User Study of Two CAPTCHAs and a Possible Replacement Technology

CAPTCHAs are difficult for humans to use, causing frustration. Alternatives have been proposed, but user studies equate usability to solvability. We consider the user perspective to include workload and context of use. We assess traditional text-based CAPTCHAs alongside PlayThru, a `gamified' verification mechanism, and NoBot, which uses face biometrics. A total of 87 participants were tasked with ticket-buying across three conditions: (1) all three mechanisms in comparison, and NoBot three times (2) on a laptop, and (3) on a tablet. A range of quantitative and qualitative measurements explored the user perspective. Quantitative results showed that participants completed reCAPTCHAs quickest, followed by PlayThru and NoBot. Participants were critical of NoBot in comparison but praised it in isolation. Despite reporting negative experiences with reCAPTCHAs, they were the preferred mechanism, due to familiarity and a sense of security and control. Although slower, participants praised NoBot's completion speeds, but regarded using personal images as invading privacy.

Dr Simon Parkin: An Exploratory Study of User Perceptions of Payment Methods in the UK and the US

This talk presents the design and the results of a cross-cultural study of user perceptions and attitudes toward electronic payment methods. We conduct a series of semi-structured interviews involving forty participants (20 in London, UK, and 20 in Manhattan, KS, USA) to explore how individuals use the mechanisms available to them within their routine payment and banking activities. We also study their comprehension of payment processes, the perceived effort and impact of using different methods, as well as direct or indirect recollections of (suspected or actual) fraud and related interactions with banks and retailers. By comparing UK and US participants, we also elicit commonalities and differences that may help better understand, if not predict, attitudes of US customers once technologies like Chip-and-PIN are rolled out - for instance, several US participants were confused by how to use it, while UK participants found it convenient. Our results show that purchasing habits as well as the availability of rewards schemes are primary criteria influencing choices relating to payment technologies, and that inconsistencies, glitches, and other difficulties with newer technologies generate frustration sometimes leading to complete avoidance of new payment methods.

Dr Tristan Caulfield: Discrete Choice, Social Interaction, and Policy in Encryption Technology Adoption

We introduce a model for examining the factors that lead to the adoption of new encryption technologies. Building on the work of Brock and Durlauf, the model describes how agents make choices, in the presence of social interaction, between competing technologies given their relative cost, functionality, and usability. We apply the model to examples about the adoption of encryption in communication (email and messaging) and storage technologies (self-encrypting drives) and also consider our model's predictions for the evolution of technology adoption over time.