CONFERENCE (INTERNATIONAL) Observation Study on Usability Challenges for Fingerprint Authentication Using WebAuthn-enabled Android Smartphones
Symposium on Usable Privacy and Security (SOUPS 2020)
August 12, 2020
Web Authentication (WebAuthn) is an authentication standard developed by the World Wide Web Consortium (W3C) that enables passwordless login to a website using a variety of authentication methods. While the security issues of biometrics through WebAuthn and its widespread usage may be solved by technological advances, we anticipate that various usability challenges will remain. Therefore, we conducted a first usability study on passwordless authentication using WebAuthn-enabled Android smartphones for consumer users. In particular, we focus on fingerprint authentication as a WebAuthn biometric in this study. We conducted objective, quantitative (SUS), and subjective analyses for the participants' behavior and comments and were able to clarify key design implications, especially pertaining to the setup process. Our findings cover usability implications applicable to all Android WebAuthn-enabled sites.