Nour Dabbour from Carleton University presented a 2 minute rapid-fire of her poster at the SERENE-RISC workshop October, 2017.
Rapid fire presentations are limited to 2 minutes and 1 slide. Nour was voted as the winner of the student poster presentations at this event by the SERENE-RISC membership in attendance.
Do I know you? Evaluating Human-Human Authentication via Conversational Interfaces
Nour Dabbour and Anil Somayaji
Conversational interfaces are now commonplace, available to millions in the form of voice assistants (Alexa, Siri) and chatbots (Facebook Messenger, customer service portals). Although they are often used for sensitive tasks, currently these systems require separate mechanisms for authentication (a PIN or password) that are outside the conversation. This requirement for out-of-band authentication limits the utility of these systems in many contexts and leave their users vulnerable to attack.
Anecdotally we know that humans can authenticate other individuals relatively quickly even without contextual clues such as a person’s appearance or their voice; the methods by which they do so, and the relative effectiveness of those methods, however, is not known. We propose to do the first user study in which we test how effectively people can authenticate each other over a text chat interface in the face of an adaptive adversary. Our objective is to identify the key factors that allow humans to identify each other in conversation; these factors could then potentially be used in conversational interfaces to provide in-band authentication.