Secure authentication of people with digital wallet: a study at CPQD
Abstract
This paper describes a study carried out at CPQD using a digital wallet for secure authentication of people by reading a QR Code. The study involved the institution's employees in three phases: 1) research on habits and perceptions about digital authentication, 2) usability evaluation, and 3) testing in a real environment of use. The paper also discusses lessons learned from the study and future work.
Keywords:
digital wallet, decentralized digital identity, human-centered design
References
Bonneau, J., Herley, C., Oorschot, P. C. v., and Stajano, F. (2012). The quest to replace passwords: A framework for comparative evaluation of web authentication schemes. In 2012 IEEE Symposium on Security and Privacy, pages 553–567.
Brasil (2018). Lei geral de proteção de dados pessoais. Lei nº 13.709.
de Souza, F., Vechini, G., and Bonadia, G. (2021). Making design of experiments (DOE) accessible for everyone: Prototype design and evaluation. In Proceedings of the XX Brazilian Symposium on Human Factors in Computing Systems, pages 1–7.
Hayashi, E., Neris, V., Baranauskas, C., Martins, M. C., Piccolo, L., and Costa, R. (2009). Avaliando a qualidade afetiva de sistemas computacionais interativos no cenario brasileiro. Usabilidade, Acessibilidade e Inteligibilidade Aplicadas em Interfaces para Analfabetos, Idosos e Pessoas com Deficieêcia, 55.
Hayashi, E., Posada, J. G., Maike, V., and Baranauskas, M. C. C. (2016). Exploring new formats of the self-assessment manikin in the design with children. In Proceedings of the 15th Brazilian Symposium on Human Factors in Computing Systems.
Naik, N. and Jenkins, P. (2020). Self-sovereign identity specifications: Govern your identity through your digital wallet using blockchain technology. In 2020 8th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering. IEEE.
Norman, D. A. (2004). Emotional Design: why we love (or hate) everyday things. Basic Books, New York.
Preukschat, A. and Reed, D. (2021). Self-sovereign identity: Decentralized Digital Identity and Verifiable Credential. Manning Publications.
W3C (2021). Decentralized identifiers (dids) v1.0. https://www.w3.org/TR/did-core/#introduction. Accessed: 2022-06-25.
W3C (2022). Verifiable credentials data model v1.1. https://www.w3.org/TR/vc-data-model/. Accessed: 2022-06-25.
WEF (2021). Digital identity on the threshold of a digital identity revolution. Technical report, World Economic Forum.
Zachariadis, M., Hileman, G., and Scott, S. V. (2019). Governance and control in distributed ledgers: Understanding the challenges facing blockchain technology in financial services. Information and Organization, 29(2):105–117.
Brasil (2018). Lei geral de proteção de dados pessoais. Lei nº 13.709.
de Souza, F., Vechini, G., and Bonadia, G. (2021). Making design of experiments (DOE) accessible for everyone: Prototype design and evaluation. In Proceedings of the XX Brazilian Symposium on Human Factors in Computing Systems, pages 1–7.
Hayashi, E., Neris, V., Baranauskas, C., Martins, M. C., Piccolo, L., and Costa, R. (2009). Avaliando a qualidade afetiva de sistemas computacionais interativos no cenario brasileiro. Usabilidade, Acessibilidade e Inteligibilidade Aplicadas em Interfaces para Analfabetos, Idosos e Pessoas com Deficieêcia, 55.
Hayashi, E., Posada, J. G., Maike, V., and Baranauskas, M. C. C. (2016). Exploring new formats of the self-assessment manikin in the design with children. In Proceedings of the 15th Brazilian Symposium on Human Factors in Computing Systems.
Naik, N. and Jenkins, P. (2020). Self-sovereign identity specifications: Govern your identity through your digital wallet using blockchain technology. In 2020 8th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering. IEEE.
Norman, D. A. (2004). Emotional Design: why we love (or hate) everyday things. Basic Books, New York.
Preukschat, A. and Reed, D. (2021). Self-sovereign identity: Decentralized Digital Identity and Verifiable Credential. Manning Publications.
W3C (2021). Decentralized identifiers (dids) v1.0. https://www.w3.org/TR/did-core/#introduction. Accessed: 2022-06-25.
W3C (2022). Verifiable credentials data model v1.1. https://www.w3.org/TR/vc-data-model/. Accessed: 2022-06-25.
WEF (2021). Digital identity on the threshold of a digital identity revolution. Technical report, World Economic Forum.
Zachariadis, M., Hileman, G., and Scott, S. V. (2019). Governance and control in distributed ledgers: Understanding the challenges facing blockchain technology in financial services. Information and Organization, 29(2):105–117.
Published
2022-10-17
How to Cite
DE SOUZA, Fabiani; FORMIGONI FILHO, José Reynaldo; MARINO, Fernando Cezar Herédia; SAMPAIO, Andressa Souza.
Secure authentication of people with digital wallet: a study at CPQD. In: HCI IN PRACTICE - BRAZILIAN SYMPOSIUM ON HUMAN FACTORS IN COMPUTATIONAL SYSTEMS (IHC), 21. , 2022, Diamantina.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2022
.
p. 48-55.
DOI: https://doi.org/10.5753/ihc_estendido.2022.225470.
