Exploring Website Location as a Security Indicator
This addresses website authentication for users, but it is incremental as it builds on existing proposals by testing a specific indicator.
The study tackled the problem of website authentication by exploring user acceptance of website location as a security indicator, finding that users were less likely to perform security-sensitive tasks when alerted to location changes in a 44-participant evaluation.
Authenticating websites is an ongoing problem for users. Recent proposals have suggested strengthening current server authentication methods by incorporating website location as a comprehensible additional trust factor. In this work, we explore users' acceptance of location information and how it affects decision-making for security and privacy. We conducted a series of qualitative interviews to learn how location can be integrated into users' decision-making for security, and we designed a security indicator to alert the user to changes in website locations. We evaluated our tool in a 44-participant user study and found that users were less likely to perform security-sensitive tasks when alerted to location changes. Our results suggest that website location can be used as an effective indicator for users' security assessments.