research-article

THE ANATOMY OF SMARTPHONE UNLOCKING: Why and How Android Users Around the World Lock their Phones

Authors:

Marian Harbach,

Alexander De Luca, and

Serge EgelmanAuthors Info & Claims

GetMobile: Mobile Computing and Communications, Volume 20, Issue 3

Pages 42 - 46

https://doi.org/10.1145/3036699.3036712

Published: 05 January 2017 Publication History

Abstract

To prevent unauthorized access to their smartphones, users can enable a "lock screen," which may require entering a PIN or password, drawing a pattern, or providing a biometric. We present the results of two studies that together offer a detailed analysis of the smartphone locking mechanisms currently available to billions of smartphone users worldwide. An online survey (N=8,286), conducted in eight different countries, sheds light on people's reasons for choosing their screen lock method and demonstrates significant crosscultural differences in attitudes towards this subject. In a separate monthlong field study (N=134), we studied how existing lock screen mechanisms provide users with distinct tradeoffs between usability and security, identifying areas where both could be improved.

References

[1]

Panagiotis Andriotis, Theo Tryfonas, and George Oikonomou. 2014. Complexity Metrics and User Strength Perceptions of the PatternLock Graphical Authentication Method. In Proceedings of the Second International Conference on Human Aspects of Information Security, Privacy, and Trust Volume 8533. Springer-Verlag New York, Inc., New York, NY, USA, 115--126.

Digital Library

[2]

Adam J. Aviv, Katherine Gibson, Evan Mossop, Matt Blaze, and Jonathan M. Smith. 2010. Smudge Attacks on Smartphone Touch Screens. In Proceedings of the 4th USENIX Conference on Offensive Technologies (WOOT'10). USENIX Association, Berkeley, CA, USA, 1--7. http://dl.acm.org/citation.cfm?id=1925004.1925009

Digital Library

[3]

Andrea Bianchi, Ian Oakley, Vassilis Kostakos, and Dong Soo Kwon. 2011. The Phone Lock: Audio and Haptic Shouldersurfing Resistant PIN Entry Methods for Mobile Devices. In Proceedings of the Fifth International Conference on Tangible, Embedded, and Embodied Interaction (TEI '11). ACM, New York, NY, USA, 197--200.

Digital Library

[4]

Joseph Bonneau, So en Preibusch, and Ross Anderson. 2012. A Birthday Present Every Eleven Wallets? The Security of CustomerChosen Banking PINs. In Financial Cryptography and Data Security, Angelos D. Keromytis (Ed.). Lecture Notes in Computer Science, Vol. 7397. Springer Berlin Heidelberg, 25--40.

[5]

Alexander De Luca, Alina Hang, Frederik Brudy, Christian Lindner, and Heinrich Hussmann. 2012. Touch Me Once and I Know It's You!: Implicit Authentication Based on Touch Screen Patterns. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '12). ACM, New York, NY, USA, 987--996.

Digital Library

[6]

Serge Egelman, Sakshi Jain, Rebecca S. Portnoff, Kerwell Liao, Sunny Consolvo, and David Wagner. 2014. Are You Ready to Lock?. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS '14). ACM, New York, NY, USA, 750761.

Digital Library

[7]

Marian Harbach, Alexander De Luca, and Serge Egelman. 2016. The Anatomy of Smartphone Unlocking: A Field Study of Android Lock Screens. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems (CHI '16). ACM, New York, NY, USA, 48064817.

Digital Library

[8]

Marian Harbach, Alexander De Luca, Nathan Malkin, and Serge Egelman. 2016. Keep on Lockin' in the Free World: A MultiNational Comparison of Smartphone Locking. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems (CHI '16). ACM, New York, NY, USA, 48234827.

Digital Library

[9]

Sung-Hwan Kim, Jong- Woo Kim, SeonYeong Kim, and Hwan- Gue Cho. 2011. A New Shouldersurfing Resistant Password for Mobile Environments. In Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication (ICUIMC '11). ACM, New York, NY, USA, Article 27, 8 pages.

Digital Library

[10]

Anandatirtha Nandugudi, Anudipa Maiti, Taeyeon Ki, Fatih Bulut, Murat Demirbas, Tevfik Kosar, Chunming Qiao, Steven Y. Ko, and Geoffrey Challen. 2013. PhoneLab: A Large Programmable Smartphone Testbed. In Proceedings of First International Workshop on Sensing and Big Data Mining (SENSEMINE'13). ACM, New York, NY, USA, Article 4, 6 pages.

Digital Library

[11]

Tetsuji Takada and Yuki Kokubun. 2013. Extended PIN Authentication Scheme Allowing MultiTouch Key Input. In Proceedings of International Conference on Advances in Mobile Computing & Multimedia (MoMM '13). ACM, New York, NY, USA, Article 307, 4 pages.

Digital Library

[12]

Sebastian Uellenbeck, Markus Du muth, Christopher Wolf, and Thorsten Holz. 2013. Quantifying the Security of Graphical Passwords: The Case of Android Unlock Patterns. In Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security (CCS '13). ACM, New York, NY, USA, 161--172.

Digital Library

[13]

Emanuel von Zezschwitz, Alexander De Luca, Bruno Brunkow, and Heinrich Hussmann. 2015a. SwiPIN: Fast and Secure PINEntry on Smartphones. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems (CHI '15). ACM, New York, NY, USA, 1403--1406.

Digital Library

[14]

Emanuel von Zezschwitz, Alexander De Luca, Philipp Janssen, and Heinrich Hussmann. 2015b. Easy to Draw, but Hard to Trace?: On the Observability of Gridbased (Un)Lock Patterns. In Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems (CHI '15). ACM, New York, NY, USA, 2339--2342.

Digital Library

[15]

Nan Zheng, Kun Bai, Hai Huang, and Haining Wang. 2014. You Are How You Touch: User Verification on Smartphones via Tapping Behaviors. In Proceedings of the 2014 IEEE 22nd International Conference on Network Protocols (ICNP '14). IEEE Computer Society, Washington, DC, USA, 221--232.

Digital Library

Cited By

Schneegass CSigethy SMitrevska TEiband MBuschek D(2022)UnlockLearning – Investigating the Integration of Vocabulary Learning Tasks into the Smartphone Authentication Processi-com10.1515/icom-2021-003721:1(157-174)Online publication date: 1-Apr-2022
https://doi.org/10.1515/icom-2021-0037
Kaur PGeeta Sharma V(2022)Analysis of Secure Locking Techniques on Smart Phones2022 5th International Conference on Contemporary Computing and Informatics (IC3I)10.1109/IC3I56241.2022.10073370(1807-1811)Online publication date: 14-Dec-2022
https://doi.org/10.1109/IC3I56241.2022.10073370
Rayani PChangder S(2022)Continuous user authentication on smartphone via behavioral biometrics: a surveyMultimedia Tools and Applications10.1007/s11042-022-13245-982:2(1633-1667)Online publication date: 9-Jun-2022
https://dl.acm.org/doi/10.1007/s11042-022-13245-9
Show More Cited By

Recommendations

The Anatomy of Smartphone Unlocking: A Field Study of Android Lock Screens
CHI '16: Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems

To prevent unauthorized parties from accessing data stored on their smartphones, users have the option of enabling a "lock screen" that requires a secret code (e.g., PIN, drawing a pattern, or biometric) to gain access to their devices. We present a ...
Read More
Energy-efficient prediction of smartphone unlocking

We investigate the predictability of the next unlock event on smartphones, using machine learning and smartphone contextual data. In a 2-week field study with 27 participants, we demonstrate that it is possible to predict when the next unlock event will ...
Read More
Pro Smartphone Cross-Platform Development: iPhone, Blackberry, Windows Mobile and Android Development and Distribution
Read More

Comments

Information & Contributors

Information

Published In

cover image GetMobile: Mobile Computing and Communications

GetMobile: Mobile Computing and Communications Volume 20, Issue 3

July 2016

42 pages

ISSN:2375-0529

EISSN:2375-0537

DOI:10.1145/3036699

Editor:
Eyal de Lara
University of Toronto

Issue’s Table of Contents

Copyright © 2017 Authors.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 January 2017

Published in SIGMOBILE-GETMOBILE Volume 20, Issue 3

Check for updates

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

14
Total Citations
View Citations
487
Total Downloads

Downloads (Last 12 months)18
Downloads (Last 6 weeks)1

Other Metrics

View Author Metrics

Citations

Cited By

Schneegass CSigethy SMitrevska TEiband MBuschek D(2022)UnlockLearning – Investigating the Integration of Vocabulary Learning Tasks into the Smartphone Authentication Processi-com10.1515/icom-2021-003721:1(157-174)Online publication date: 1-Apr-2022
https://doi.org/10.1515/icom-2021-0037
Kaur PGeeta Sharma V(2022)Analysis of Secure Locking Techniques on Smart Phones2022 5th International Conference on Contemporary Computing and Informatics (IC3I)10.1109/IC3I56241.2022.10073370(1807-1811)Online publication date: 14-Dec-2022
https://doi.org/10.1109/IC3I56241.2022.10073370
Rayani PChangder S(2022)Continuous user authentication on smartphone via behavioral biometrics: a surveyMultimedia Tools and Applications10.1007/s11042-022-13245-982:2(1633-1667)Online publication date: 9-Jun-2022
https://dl.acm.org/doi/10.1007/s11042-022-13245-9
Mathis FVaniea KKhamis M(2021)Prototyping Usable Privacy and Security Systems: Insights from ExpertsInternational Journal of Human–Computer Interaction10.1080/10447318.2021.194913438:5(468-490)Online publication date: 5-Aug-2021
https://doi.org/10.1080/10447318.2021.1949134
Memon IAli QFazal HZubedi AKhuwaja S(2020)Concepts, Analysis, Issues of smartphone and Smart devices: A survey2020 3rd International Conference on Computing, Mathematics and Engineering Technologies (iCoMET)10.1109/iCoMET48670.2020.9074106(1-8)Online publication date: Jan-2020
https://doi.org/10.1109/iCoMET48670.2020.9074106
Setiadji MAji BAmiruddin A(2020)Deceiving Smart Lock Trusted Place in Android Smartphones with Location Spoofing2020 3rd International Conference on Information and Communications Technology (ICOIACT)10.1109/ICOIACT50329.2020.9332076(441-445)Online publication date: 24-Nov-2020
https://doi.org/10.1109/ICOIACT50329.2020.9332076
Torres Jde los Santos SAlepis EPatsakis C(2020)User Behavioral Biometrics and Machine Learning Towards Improving User Authentication in SmartphonesInformation Systems Security and Privacy10.1007/978-3-030-49443-8_12(250-271)Online publication date: 28-Jun-2020
https://doi.org/10.1007/978-3-030-49443-8_12
Neal TNoor MGera PZanna KKaptan G(2019)Authenticating Phone Users Using a Gait-Based Histogram Approach on Mobile App Sessions2019 International Conference on Biometrics (ICB)10.1109/ICB45273.2019.8987418(1-7)Online publication date: Jun-2019
https://doi.org/10.1109/ICB45273.2019.8987418
Neal TWoodard D(2019)Mobile Biometrics, Replay Attacks, and Behavior Profiling: An Empirical Analysis of Impostor Detection2019 International Conference on Biometrics (ICB)10.1109/ICB45273.2019.8987407(1-8)Online publication date: Jun-2019
https://doi.org/10.1109/ICB45273.2019.8987407
Mayer PVolkamer MBella GLenzini G(2018)Addressing misconceptions about password security effectivelyProceedings of the 7th Workshop on Socio-Technical Aspects in Security and Trust10.1145/3167996.3167998(16-27)Online publication date: 5-Dec-2018
https://dl.acm.org/doi/10.1145/3167996.3167998
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents