Skip to main content
SpringerLink
Log in

On the Acceptance of Privacy-Preserving Authentication Technology: The Curious Case of National Identity Cards

  • Conference paper
Privacy Enhancing Technologies (PETS 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7981))

Included in the following conference series:

Abstract

Many attempts have been made to replace the ubiquitous username-and-password authentication scheme in order to improve user security, privacy and usability. However, none of the proposed methods have gained wide-spread user acceptance. In this paper, we examine the users’ perceptions and concerns on using several alternative authentication methods on the Internet. We investigate the adoption of the new German national identity card, as it is the first eID-enabled card with dedicated features to enable privacy-preserving online authentication. Even though its large-scale roll-out was backed by a national government, adoption rates and acceptance are still low. We present results of three focus groups as well as interviews with service providers, showing that preserving privacy is just one of several factors relevant to the acceptance of novel authentication technologies by users as well as service providers.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 49.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Agosto, D.E., Abbas, J., Naughton, R.: Relationships and Social Rules: Teens’ Social Network and Other ICT Selection Practices. JASIST 63(6), 1108–1124 (2012)

    Article  Google Scholar 

  2. Bonneau, J.: The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords. In: 2012 IEEE Symposium on Security and Privacy, pp. 538–552 (2012)

    Google Scholar 

  3. Bonneau, J., Herley, C., van Oorschot, P.C., Stajano, F.: The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes. In: 2012 IEEE Symposium on Security and Privacy, pp. 553–567 (2012)

    Google Scholar 

  4. Bundesamt für Sicherheit in der Informationstechnik. Technical Guideline TR-03127 (2011)

    Google Scholar 

  5. Davis, F.D., Bagozzi, R.P., Warshaw, P.R.: User Acceptance of Computer Technology: A Comparison of Two Theoretical Models. Management Science 35(8), 982–1003 (1989)

    Article  Google Scholar 

  6. Dey, A., Weis, S.: PseudoID: Enhancing Privacy in Federated Login (2010), http://www.pseudoid.net

  7. Dhamija, R., Dusseault, L.: The Seven Flaws of Identity Management: Usability and Security Challenges. IEEE Security & Privacy Magazine 6, 24–29 (2008)

    Google Scholar 

  8. Florencio, D., Herley, C.: A Large-Scale Study of Web Password Habits. In: Proceedings of the 16th International Conference on World Wide Web. ACM (2007)

    Google Scholar 

  9. Fromm, J., Hoepner, P.: The New German eID Card. In: Fumy, W., Paeschke, M. (eds.) Handbook of eID Security: Concepts, Practical Experiences, Technologies, ch. 11, pp. 154–166. Publicis (2011)

    Google Scholar 

  10. Gaw, S., Felten, E.W.: Password Management Strategies for Online Accounts. In: Proceedings of the Second Symposium on Usable Privacy and Security. ACM (2006)

    Google Scholar 

  11. Grote, J.H., Keizer, D., Kenzler, D., Kenzler, P., Meinel, C., Schnjakin, M., Zoth, L.: Vom Client Zur App. Technical report, Hasso Plattner Institute (2010)

    Google Scholar 

  12. Hayashi, E., Hong, J.: A Diary Study of Password Usage in Daily Life. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM (2011)

    Google Scholar 

  13. Herath, T., Chen, R., Wang, J., Banjara, K., Wilbur, J., Rao, H.R.: Security Services as Coping Mechanisms: An Investigation Into User Intention to Adopt an Email Authentication Service. Info Systems J. (2012)

    Google Scholar 

  14. Jakobsson, M., Chow, R., Molina, J.: Authentication - Are We Doing Well Enough? IEEE Security &Privacy Magazine 10(1), 19–21 (2012)

    Article  Google Scholar 

  15. Jones, L.A., Antón, A.I., Earp, J.B.: Towards Understanding User Perceptions of Authentication Technologies. In: Proceedings of the ACM Workshop on Privacy in Electronic Society. ACM (2007)

    Google Scholar 

  16. Krueger, R.A., Casey, M.A.: Focus Groups: A Practical Guide for Applied Research, 4th edn. Sage Publications (2009)

    Google Scholar 

  17. Kumaraguru, P., Cranor, L.F.: Privacy indexes: A Survey of Westin’s Studies. Technical Report CMU-ISRI-5-138, Carnegie Mellon University (2005)

    Google Scholar 

  18. Kurniawan, S., Mahmud, M., Nugroho, Y.: A Study of the Use of Mobile Phones by Older Persons. In: CHI Extended Abstracts on Human Factors in Computing Systems. ACM (2006)

    Google Scholar 

  19. Liang, H., Xue, Y.: Avoidance of Information Technology Threats: A Theoretical Perspective. MIS Quarterly 33(1), 71–90 (2009)

    Google Scholar 

  20. Malone, D., Maher, K.: Investigating the Distribution of Password Choices. In: Proceedings of the 21st International Conference on World Wide Web. ACM (2012)

    Google Scholar 

  21. Margraf, M.: The New German ID Card. In: Pohlmann, N., Reimer, H., Schneider, W. (eds.) ISSE 2010: Securing Electronic Business Processes (2011)

    Google Scholar 

  22. Morgan, D.L.: Focus Groups as Qualitative Research. Sage Publications (1996)

    Google Scholar 

  23. Perito, D., Castelluccia, C., Kaafar, M.A., Manils, P.: How Unique and Traceable Are Usernames? In: Fischer-Hübner, S., Hopper, N. (eds.) PETS 2011. LNCS, vol. 6794, pp. 1–17. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  24. Poller, A., Waldmann, U., Vowé, S.: Electronic Identity Cards for User Authentication – Promise and Practice. IEEE Security & Privacy Magazine 10(1), 46–54 (2012)

    Article  Google Scholar 

  25. Rosenbaum, S., Cockton, G., Coyne, K., Muller, M., Rauch, T.: Focus Groups in HCI: Wealth of Information or Waste of Resources? In: CHI Extended Abstracts on Human Factors in Computing Systems. ACM (2002)

    Google Scholar 

  26. Sun, S.-T., Pospisil, E., Muslukhov, I., Dindar, N., Hawkey, K., Beznosov, K.: What Makes Users Refuse Web Single Sign-On? An Empirical Investigation of OpenID. In: Proceedings of the Seventh Symposium on Usable Privacy and Security. ACM (2011)

    Google Scholar 

  27. Wästlund, E., Angulo, J., Fischer-Hübner, S.: Evoking Comprehensive Mental Models of Anonymous Credentials. In: Camenisch, J., Kesdogan, D. (eds.) iNetSec 2011. LNCS, vol. 7039, pp. 1–14. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  28. Weir, C.S., Douglas, G., Carruthers, M., Jack, M.: User Perceptions of Security, Convenience and Usability for Ebanking Authentication Tokens. Computers & Security 28(1-2), 47–62 (2009)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Distributed Computing & Security Group, Leibniz Universität Hannover, Germany

    Marian Harbach, Sascha Fahl & Matthew Smith

  2. Institute of Sociology, Leibniz Universität Hannover, Germany

    Matthias Rieger

Authors
  1. Marian Harbach
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sascha Fahl
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Matthias Rieger
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Matthew Smith
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Palo Alto Research Center (PARC), 3333 Coyote Hill Road, 94034, Palo Alto, CA, USA

    Emiliano De Cristofaro

  2. Department of Computer Science and Engineering, University of Texas at Arlington, 500 UTA Boulevard, 76019, Arlington, TX, USA

    Matthew Wright

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Harbach, M., Fahl, S., Rieger, M., Smith, M. (2013). On the Acceptance of Privacy-Preserving Authentication Technology: The Curious Case of National Identity Cards. In: De Cristofaro, E., Wright, M. (eds) Privacy Enhancing Technologies. PETS 2013. Lecture Notes in Computer Science, vol 7981. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39077-7_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-39077-7_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-39076-0

  • Online ISBN: 978-3-642-39077-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation