Elizabeth Stobert, ETH Zurich
From 12.00 until 13.30
At ETH Zurich, CNB/F/110
Universitätstrasse 6, 8092 Zurich
Abstract
Authenticating websites is an ongoing problem for users. Recent proposals have suggested strengthening current server authentication methods by incorporating website location as an additional authentication factor. In this work, we explore how location information affects users' decision-making for security and privacy. We conducted a series of qualitative interviews to learn how users relate location to their online security, and we designed a security indicator to alert the user to changes in website locations. We evaluated our tool in a 44-participant user study and found that users were less likely to perform security-sensitive tasks when alerted to location changes. Our results suggest that website location can be used as an effective indicator for users' security awareness.