The Usability of CAPTCHAs on Smartphones

Gerardo Reynaga, Sonia Chiasson

2013

Abstract

Completely Automated Public Turing tests to tell Computers and Humans Apart (CAPTCHA) are challenge-response tests used on the web to distinguish human users from automated bots (von Ahn et al., 2004). In this paper, we present an exploratory analysis of the results obtained from a user study and a heuristic evaluation of captchas on smartphones; we aimed to identify opportunities and guide improvements for captchas on smartphones. Results showed that existing captcha schemes face effectiveness and user satisfaction problems. Among the more severe problems found were the need to often zoom and pan, and too small control buttons. Based on our results, we present deployment and design guidelines for captchas on smartphones.

References

  1. Asokan, N. and Kuo, C. (2012). Usable mobile security. In Distributed Computing and Internet Technology, volume 7154 of Lecture Notes in Computer Science, pages 1-6. Springer Berlin Heidelberg.
  2. BBC (Accessed: Feb 2013). Ticketmaster dumps 'hated' captcha verification system. Available from http:// www.bbc.co.uk/news/technology-21260007.
  3. Bergman, J. and Vainio, J. (2010). Interacting with the flow. In International Conference on Human Computer Interaction with Mobile Devices and Services, MobileHCI 7810, pages 249-252, NY, USA. ACM.
  4. Bursztein, E., Bethard, S., Fabry, C., Mitchell, J. C., and Jurafsky, D. (2010). How good are humans at solving CAPTCHAs? A large scale evaluation. In IEEE Symposium on Security and Privacy, pages 399-413. IEEE Computer Society.
  5. Bursztein, E., Martin, M., and Mitchell, J. C. (2011). Textbased captcha strengths and weaknesses. In ACM Conference on Computer and Communications Security, pages 125-138. ACM.
  6. Charmaz, K. (2006). Constructing grounded theory: A practical guide through qualitative analysis. Sage Publications Limited.
  7. Chow, R., Golle, P., Jakobsson, M., Wang, L., and Wang, X. (2008). Making captchas clickable. In Workshop on Mobile computing systems and applications, HotMobile 7808, pages 91-94, NY, USA. ACM.
  8. Google, Inc. (2013). reCaptcha: Stop Spam, Read Books. http://www.google.com/recaptcha.
  9. Gossweiler, R., Kamvar, M., and Baluja, S. (2009). What's up CAPTCHA?: a CAPTCHA based on image orientation. In International conference on World wide web, WWW 7809, pages 841-850, NY, USA. ACM.
  10. Kjeldskov, J. (2002). ”Just-in-Place” information for mobile device interfaces. Lecture Notes in Computer Science, 2411:271-275.
  11. Lin, R., Huang, S.-Y., Bell, G. B., and Lee, Y.-K. (2011). A new captcha interface design for mobile devices. In ACSW 2011: Australasian User Interface Conference.
  12. MacKenzie, I. and Soukoreff, R. (2002). Text entry for mobile computing: Models and methods, theory and practice. Human-Computer Interaction, 17(2-3):147- 198.
  13. Microsoft Inc. (2012). Asirra (Animal Species Image Recognition for Restricting Access). http://research. microsoft.com/en-us/um/redmond/projects/asirra/.
  14. Nielsen, J. (2013). Heuristic evaluation. Available from http://www.nngroup.com/articles/how- to- conduct- aheuristic-evaluation/.
  15. NuCaptcha, Inc. (2012). Available from http:// www.nucaptcha.com/resources/whitepapers. White paper: NuCaptcha and Traditional Captcha.
  16. Sharp, H., Rogers, Y., and Preece, J. (2007). Interaction Design: Beyond Human-Computer Interaction. John Wiley & Sons, Indianapolis, IN, 2 edition.
  17. Vappic (2012). 4D CAPTCHA. http://www.vappic.com/ moreplease.
  18. von Ahn, L., Blum, M., and Langford, J. (2004). Telling humans and computers apart automatically. Commun. ACM, 47:56-60.
  19. Wismer, A. J., Madathil, K. C., Koikkara, R., Juang, K. A., and Greenstein, J. S. (2012). Evaluating the usability of captchas on a mobile device with voice and touch input. In Human Factors and Ergonomics Society Annual Meeting, volume 56, pages 1228-1232. SAGE Publications.
  20. Xu, Y., Reynaga, G., Chiasson, S., Frahm, J.-M., Monrose, F., and Van Oorschot, P. C. (2012). Security and usability challenges of moving-object CAPTCHAs: Decoding codewords in motion. In USENIX Security Symposium, Berkeley, USA. USENIX Association.
  21. Yan, J. and El Ahmad, A. S. (2008). Usability of CAPTCHAs or usability issues in CAPTCHA design. In Symposium on Usable Privacy and Security, SOUPS 7808, pages 44-52, New York, NY, USA. ACM.
  22. Zhu, B. B., Yan, J., Li, Q., Yang, C., Liu, J., Xu, N., Yi, M., and Cai, K. (2010). Attacks and design of image recognition captchas. In Computer and Communications Security, CCS 7810, pages 187-200, New York, NY, USA. ACM.
Download


Paper Citation


in Harvard Style

Reynaga G. and Chiasson S. (2013). The Usability of CAPTCHAs on Smartphones . In Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013) ISBN 978-989-8565-73-0, pages 427-434. DOI: 10.5220/0004533904270434


in Bibtex Style

@conference{secrypt13,
author={Gerardo Reynaga and Sonia Chiasson},
title={The Usability of CAPTCHAs on Smartphones},
booktitle={Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)},
year={2013},
pages={427-434},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004533904270434},
isbn={978-989-8565-73-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)
TI - The Usability of CAPTCHAs on Smartphones
SN - 978-989-8565-73-0
AU - Reynaga G.
AU - Chiasson S.
PY - 2013
SP - 427
EP - 434
DO - 10.5220/0004533904270434