RepliCueAuth: Validating the Use of a Lab-Based Virtual Reality Setup for Evaluating Authentication Systems


Evaluating novel authentication systems is often costly and time-consuming. In this work, we assess the suitability of using Virtual Reality (VR) to evaluate the usability and security of real-world authentication systems. To this end, we conducted a replication study and built a virtual replica of CueAuth [52], a recently introduced authentication scheme, and report on results from: (1) a lab-based in-VR usability study (N=20) evaluating user performance; (2) an online security study (N=22) evaluating system's observation resistance through virtual avatars; and (3) a comparison between our results and those previously reported in the real-world evaluation. Our analysis indicates that VR can serve as a suitable test-bed for human-centred evaluations of real-world authentication schemes, but the used VR technology can have an impact on the evaluation. Our work is a first step towards augmenting the design and evaluation spectrum of authentication systems and offers ground work for more research to follow.

Florian Mathis
University of Glasgow, Glasgow, United Kingdom
Kami Vaniea
University of Edinburgh, Edinburgh, United Kingdom
Mohamed Khamis
University of Glasgow, Glasgow, United Kingdom




会議: CHI 2021

The ACM CHI Conference on Human Factors in Computing Systems (

セッション: XR/VR/360°

[A] Paper Room 15, 2021-05-11 17:00:00~2021-05-11 19:00:00 / [B] Paper Room 15, 2021-05-12 01:00:00~2021-05-12 03:00:00 / [C] Paper Room 15, 2021-05-12 09:00:00~2021-05-12 11:00:00
Paper Room 15
12 件の発表
2021-05-11 17:00:00
2021-05-11 19:00:00