Facelock: familiarity-based graphical authentication

Rob Jenkins, Jane L. McLachlan, Karen Renaud

Research output: Contribution to journalArticlepeer-review

12 Citations (Scopus)
8 Downloads (Pure)

Abstract

Authentication codes such as passwords and PIN numbers are widely used to control access to resources. One major drawback of these codes is that they are difficult to remember. Account holders are often faced with a choice between forgetting a code, which can be inconvenient, or writing it down, which compromises security. In two studies, we test a new knowledge-based authentication method that does not impose memory load on the user. Psychological research on face recognition has revealed an important distinction between familiar and unfamiliar face perception: When a face is familiar to the observer, it can be identified across a wide range of images. However, when the face is unfamiliar, generalisation across images is poor. This contrast can be used as the basis for a personalised ‘facelock’, in which authentication succeeds or fails based on image-invariant recognition of faces that are familiar to the account holder. In Study 1, account holders authenticated easily by detecting familiar targets among other faces (97.5% success rate), even after a one-year delay (86.1% success rate). Zero-acquaintance attackers were reduced to guessing (
Original languageEnglish
Number of pages24
JournalPeerJ
Volume2
Issue numbere444
DOIs
Publication statusPublished - 24 Jun 2014

Keywords

  • Facelock
  • face recognition
  • identification
  • authentication
  • human factors
  • image-invariant recognition
  • graphical authentication systems

Fingerprint

Dive into the research topics of 'Facelock: familiarity-based graphical authentication'. Together they form a unique fingerprint.

Cite this