Privacy and usability of image and text based challenge questions authentication in online examination

In many online examinations, physical invigilation is often replaced with traditional authentication approaches for student identification. Secure and usable authentication approaches are important for high stake online examinations. A Profile Based Authentication Framework (PBAF) was developed and implemented in a real online learning course embedded with summative online examination. Based on users' experience of using the PBAF in an online course, online questionnaires were used to collect participants' feedback on effectiveness, layout and appearance, user satisfaction, distraction and privacy concerns. Based on overall findings of the quantitative analysis, there was a positive feedback on the use of a hybrid approach utilizing image and text based challenge questions for better usability. However, the number of questions presented during learning and examination processes were reported to be too many and caused distraction. Participants expressed a degree of concern on sharing personal and academic information with little or no privacy concern on using favorite questions (p <; 0.01).

[1]  Mike Just,et al.  Choosing Better Challenge Questions , 2009 .

[2]  Nigel Bevan,et al.  Usability is Quality of Use , 1995 .

[3]  Mike Just,et al.  Pictures or questions?: examining user responses to association-based authentication , 2010, BCS HCI.

[4]  Hannan Xiao,et al.  Evaluating security and usability of profile based challenge questions authentication in online examinations , 2014, Journal of Internet Services and Applications.

[5]  Ariel Rabkin,et al.  Personal knowledge questions for fallback authentication: security questions in the era of Facebook , 2008, SOUPS '08.

[6]  E.G. Agulla,et al.  Is My Student at the Other Side? Applying Biometric Web Authentication to E-Learning Environments , 2008, 2008 Eighth IEEE International Conference on Advanced Learning Technologies.

[7]  Jakob Nielsen,et al.  Heuristic evaluation of user interfaces , 1990, CHI '90.

[8]  O. Harmon,et al.  Assessment Design and Cheating Risk in Online Instruction , 2010 .

[9]  Hannan Xiao,et al.  Design, privacy and authentication of challenge questions in online examinations , 2013, 2013 IEEE Conference on e-Learning, e-Management and e-Services.

[10]  Mike Just,et al.  Personal choice and challenge questions: a security and usability assessment , 2009, SOUPS.

[11]  Selçuk Karaman,et al.  Examining the Effects of Flexible Online Exams on Students' Engagement in E-Learning. , 2011 .

[12]  Godwin J. Udo,et al.  Privacy and security concerns as major barriers for e-commerce: a survey study , 2001, Inf. Manag. Comput. Secur..

[13]  Serge Egelman,et al.  It's No Secret. Measuring the Security and Reliability of Authentication via “Secret” Questions , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[14]  Ben Shneiderman,et al.  Designing The User Interface , 2013 .

[15]  Jakob Nielsen,et al.  How to Conduct a Heuristic Evaluation , 2006 .

[16]  Jakob Nielsen,et al.  Homepage Usability: 50 Websites Deconstructed , 2001 .

[17]  Ergonomic requirements for office work with visual display terminals ( VDTs ) — Part 11 : Guidance on usability , 1998 .

[18]  Hannan Xiao,et al.  Usability of profile based student authentication and traffic light system in online examinations , 2012, 2012 International Conference for Internet Technology and Secured Transactions.

[19]  B. Shneiderman Designing the User Interface (3rd Ed.) , 1998 .

[20]  Hannan Xiao,et al.  Profile based student authentication in online examination , 2012, International Conference on Information Society (i-Society 2012).