Files in this item
Let the right one in : attestation as a usable CAPTCHA alternative
Item metadata
dc.contributor.author | Whalen, Tara | |
dc.contributor.author | Meunier, Thibault | |
dc.contributor.author | Kodali, Mrudula | |
dc.contributor.author | Davidson, Alex | |
dc.contributor.author | Fayed, Marwan | |
dc.contributor.author | Faz-Hernández, Armando | |
dc.contributor.author | Ladd, Watson | |
dc.contributor.author | Maram, Deepak | |
dc.contributor.author | Sullivan, Nick | |
dc.contributor.author | Wolters, Benedikt Christoph | |
dc.contributor.author | Guerreiro, Maxime | |
dc.contributor.author | Galloni, Andrew | |
dc.date.accessioned | 2024-04-17T11:30:01Z | |
dc.date.available | 2024-04-17T11:30:01Z | |
dc.date.issued | 2022 | |
dc.identifier | 299375847 | |
dc.identifier | bf33990b-61b7-41b0-b76e-3bacbf5c4f4f | |
dc.identifier | 85140884289 | |
dc.identifier.citation | Whalen , T , Meunier , T , Kodali , M , Davidson , A , Fayed , M , Faz-Hernández , A , Ladd , W , Maram , D , Sullivan , N , Wolters , B C , Guerreiro , M & Galloni , A 2022 , Let the right one in : attestation as a usable CAPTCHA alternative . in Proceedings of the 18th Symposium on Usable Privacy and Security, SOUPS 2022 . Proceedings of the 18th Symposium on Usable Privacy and Security, SOUPS 2022 , USENIX Association , pp. 599-612 , 18th Symposium on Usable Privacy and Security, SOUPS 2022 , Boston , United States , 7/08/22 . | en |
dc.identifier.citation | conference | en |
dc.identifier.isbn | 9781939133304 | |
dc.identifier.other | ORCID: /0000-0002-0970-7972/work/153451590 | |
dc.identifier.uri | https://hdl.handle.net/10023/29695 | |
dc.description.abstract | CAPTCHAs are necessary to protect websites from bots and malicious crawlers, yet are increasingly solvable by automated systems. This has led to more challenging tests that require greater human effort and cultural knowledge; they may prevent bots effectively but sacrifice usability and discourage the human users they are meant to admit.We propose a new class of challenge: a Cryptographic Attestation of Personhood (CAP) as the foundation of a usable, pro-privacy alternative. Our challenge is constructed using the open Web Authentication API (WebAuthn) that is supported in most browsers. We evaluated the CAP challenge through a public demo, with an accompanying user survey. Our evaluation indicates that CAP has a strong likelihood of adoption by users who possess the necessary hardware, showing good results for effectiveness and efficiency as well as a strong expressed preference for using CAP over traditional CAPTCHA solutions. In addition to demonstrating a mechanism for more usable challenge tests, we identify some areas for improvement for the WebAuthn user experience, and reflect on the difficult usable privacy problems in this domain and how they might be mitigated. | |
dc.format.extent | 14 | |
dc.format.extent | 644690 | |
dc.language.iso | eng | |
dc.publisher | USENIX Association | |
dc.relation.ispartof | Proceedings of the 18th Symposium on Usable Privacy and Security, SOUPS 2022 | en |
dc.relation.ispartofseries | Proceedings of the 18th Symposium on Usable Privacy and Security, SOUPS 2022 | en |
dc.subject | Computer Networks and Communications | en |
dc.subject | Safety, Risk, Reliability and Quality | en |
dc.subject | NDAS | en |
dc.title | Let the right one in : attestation as a usable CAPTCHA alternative | en |
dc.type | Conference item | en |
dc.contributor.institution | University of St Andrews. School of Computer Science | en |
dc.identifier.url | https://www.usenix.org/conference/soups2022/presentation/whalen | en |
This item appears in the following Collection(s)
Items in the St Andrews Research Repository are protected by copyright, with all rights reserved, unless otherwise indicated.