Usable Security of Authentication Process: New Approach and Practical Assessment

Authentication mechanisms are considered the typical method to secure financial websites. Context authentication has become increasingly important in the arena of online banking, which involves sensitive data that belong to users who trust their banks. Multifactor authentication is the most commonly used method of strengthening the log-in process in e-banking. Developing a usable and secure authentication approach and method is the most challenging area for researchers in the fields of security and Human-Computer Interaction (HCI). This paper describes a work-in-progress towards a new approach for authenticating users when access online banking by giving them the opportunity to choose their preferred method to log into e-banking. In our complex experiment with 100 online banking customers, we simulate an original online banking platform based on the proposed approach; then, we evaluate the usability and security of three different methods and assess user awareness of the most visible security design flaws. The initial result shows that the new system model was able to assess the usability and security of different multifactor authentication methods and it is considered a first attempt towards a usable and secure authentication approach.