Supriya Khadka

Medha Sharma, Supriya Khadka, Udit Chandra Aryal et al.

As Large Language Models (LLMs) become integrated into daily life, they are increasingly used for personal queries, including Sexual and Reproductive Health (SRH), allowing users to chat anonymously without fear of judgment. However, current evaluation methods primarily focus on accuracy, often for objective queries in high-resource languages, and lack criteria to assess usability and safety, especially for low-resource languages and culturally sensitive domains like SRH. This paper introduces LLM Evaluation Framework (LEAF), that conducts assessments across multiple criteria: accuracy, language, usability gaps (including relevance, adequacy, and cultural appropriateness), and safety gaps (safety, sensitivity, and confidentiality). Using the LEAF framework, we assessed 14K SRH queries in Nepali from over 9K users. Responses were manually annotated by SRH experts according to the framework. Results revealed that only 35.1% of the responses were "proper", meaning they were accurate, adequate and had no major usability or safety related gaps. Insights include differences in performance between ChatGPT versions, such as similar accuracy but varying usability and safety aspects. This evaluation highlights significant limitations of current LLMs and underscores the need for improvement. The LEAF Framework is adaptable across domains and languages, particularly where usability and safety are critical, offering a pathway to better address sensitive topics.

Supriya Khadka, Sanchari Das

Authentication in financial systems remains a uniquely high-stakes security challenge, where even marginal increases in false acceptance can result in catastrophic monetary loss. Existing deployments of adaptive authentication, which combine biometrics, behavioral signals, and contextual risk scoring, remain conceptually fragmented and often prioritize regulatory compliance over explicit economic and adversarial risk modeling. To address this structural imbalance, in this paper we introduce a formal Risk-Cost Model (RCM) for adaptive authentication in financial systems. The RCM provides a principled mathematical foundation that integrates three essential components: (i) cost-sensitive risk functions that explicitly capture fraud loss, opportunity cost, and tail risk through Conditional Value-at-Risk (CVaR); (ii) sequential decision-making mechanisms that adapt to adversarial probing and distributional drift; and (iii) quantifiable privacy and regulatory constraints embedded directly within the optimization objective. By reframing authentication as a constrained dynamic risk-cost optimization problem, the RCM moves beyond static classification and compliance-driven design toward systems that are economically grounded, tail-risk aware, and resilient under adversarial uncertainty.

Supriya Khadka, Sanchari Das

Advancements in augmented reality (AR) technologies offer immense potential for mobile experiences. However, most commercial and educational AR systems assume a baseline of predictable user behavior and stationary interaction. Preschoolers and children in early childhood education, specifically ages 3 to 8, are naturally erratic, physically dynamic, and prone to rapid locomotion, making them the ultimate stress test for mobile spatial computing. Through a focused analysis of recent literature on physical activity and spatial learning in AR for preschoolers, this paper identifies points of friction in current mobile deployments. We highlight recurring failures in camera tracking during dynamic movement, physical safety hazards caused by screen-induced distraction, spatial crowding around physical markers, and the privacy risks of continuous environmental surveillance. To address these challenges, we propose AnchorPlay AR, a conceptual prototype for a privacy-preserving, audio-first spatial application. By explicitly separating locomotion from visual tracking, AnchorPlay AR uses audio cues to safely guide movement and reserves visual augmentation for stationary moments, offering a safer framework for preschoolers in constant motion.

Supriya Khadka, Sanchari Das

In decentralized web applications, users face an inherent conflict between public verifiability and personal privacy. To participate in regulated on-chain services, users must currently disclose sensitive identity documents to centralized intermediaries, permanently linking real-world identities to public transaction histories. This binary choice between total privacy loss or total exclusion strips users of agency and exposes them to persistent surveillance. In this work, we introduce a Selective Disclosure Framework designed to restore user sovereignty by decoupling eligibility verification from identity revelation. We present ZK-Compliance, a prototype that leverages browser-based zero-knowledge proofs to shift the interaction model, enabling users to prove specific attributes (e.g., "I am over 18") locally without revealing the underlying data. We implement a user-governed Grant, Verify, Revoke lifecycle that transforms the user's mental model of compliance from a permanent data handover into a dynamic, revocable authorization session. Our evaluation shows that client-side proof generation takes under 200ms, enabling a seamless interactive experience on commodity hardware. This work provides early evidence that regulatory compliance need not come at the cost of user privacy or autonomy.