precise and clear authentication system that
User authentication
architecture for mobile
devices; A cultural
approach
Abstract
As the usefulness and administrations
provided by portable gadgets increments, it
is all the more important to have a
successful user authentication system to
provide the users safety against
mishandling of private information. This
paper proposes the use of password-based
and password-less authentication systems
and how their implementation differs
through various cultures. Over the years,
password have been the main safeguards
for most of the people against unauthorized
access, but with the advancement in
technology there arises different password-
less user authentication methods where
there is potentially no risk of stealing,
hacking and cracking of passwords.
Despite all the advantages and
disadvantages that the two types of
authentication systems bring with them,
the crux of the matter remains that their
design and implementation is based on the
regulations and cultural background of any
specific area.
Keywords: biometrics, password-based
authentication, cross-cultural differences.
Introduction:
In the current world of technology, mobiles
phones are not just considered to be a
simple tool that handles the telephonic
communication but are capable of
providing a range of data-centric services.
These services include but are not limited
to transferring money, managing bank
accounts, surfing internet and paying for
various products. With increased
functionality, there arises a need for strong,
guarantees safety beyond the point of
entry.
The use of passwords and PINS has been
prevalent through a number of years. In the
current age, with a spiraling increase in
internet-connected devices and possession
of number of accounts by users, it has
become increasingly difficult to remember
all the passwords. Hence, the trend to
move towards more secure password-less
authentication has seen a massive incline.
(Cortopassi, M., Edward, E., 2013). The
password-less approach to authentication
also commonly known as biometrics does
not require the user to remember anything
but it only requires the usage of one of the
physical features of the user, be it their
fingerprint, facial ID or the retinal scan.
Even though this form of authentication is
much less complicated but it brings with it,
its own set of disadvantages.
Biometric captures and stores the essence
of one’s self and it has been contended that
biometrics are an inalienably emotive and
morally challenging innovation that can be
used for nefarious purposes against one’s
wishes. (Alterman, 2003). The use of
biometrics is seen as invasive in one
culture and it may be seen as less
complicating in another culture, based on
the views of population living there and the
regulations placed within the country.
This paper presents a cross-cultural
approach towards biometrics and
password-based authentication. The
purpose of this study is to understand
various biometric technologies and their
comparisons with the password-based
authentication systems, and to understand
the relationship between culture and
implementation of authentication
technologies. The reasons for some
societies discouraging the use of
biometrics and others encouraging it will
be discussed in end.
Biometric authentication:
Biometric system uses the physiological
and anatomical features of the users to
confirm their identity. It actually makes
sure that only the actual user is accessing
the device instead of any preparator who
has the password or PIN of the user. In this
section various biometric authentication
technologies are discussed and later the
perspective of user is discussed regarding
the biometric authentication versus the
password-based authentication.
The first in the list is the authentication
using the fingerprints. It is an easy, yet
secure authentication method since every
person has a unique set of finger prints. All
the user has to do is press their finger on
the designated sensor present on most of
the smart phones nowadays. The sensor
analyzes the unique pattern of ridges,
valleys and minutia points on fingers and
then locally creates a unique key pair to
unlock the device. (Chohan, R., Tanwar,
R., 2019)
The next is selfie authentication service
which is facial recognition technology.
Camera application of the device is used to
capture the face of user in real-time. This
picture is then compared with the one
provided within the date. If the pictures
match the phone is unlocked. This
technology is designed to overlook the
differences in the face due to age or other
factors.
Voice prints technology provides a safe
way to access the device through voice
recognition. The voice of the person trying
to unlock the phone is compared with the
voice print stored on the device. There are
two sub-categories of voice recognition;
speech recognition and speaker
recognition. Where the speaker recognition
technology only authenticates the voice
features of the person trying to access the
device, there the speech recognition
authentication also helps to understand the
words uttered by the person. (Yuanchun
shi., Xie., et al. 2003)
The last in the list is retinal scan
authentication. It depends on the design of
the vein present in the retina of human eye
and this technology is used very sparingly
in high-security devices.
There are two very distinct groups
regarding the use of authentication
technologies; the pro-biometric technology
group and the pro-password-based
authentication group. In early years,
biometrics as a whole were perceived to be
significantly less acceptable than
passwords. (Deane, et al. 1995). Though,
with passing time this perception started
changing. In a study conducted in 2004,
with participants from Finland, Germany
and Spain, it was concluded that 55%
people had a positive attitude towards the
use of biometrics and 25% people were of
the opinion that using biometrics might
negatively affect their health. (BioSec,
2004). During this survey, cross-cultural
differences regarding the implementation
of biometrics was also observed. It was
observed that people of Germany had a
more positive approach towards
biometrics, in contrast to the people of
Spain and Finland who were more
comfortable with using passwords.
Culture and authentication technologies:
As described in the above research, there
was a distinct link between cultures and the
usage of authentication technologies. In
this section of the research paper, quotes
from people of India, South Africa, and
United Kingdom regarding their take on
the use of biometric technology instead of
password-based technology will be used to
prove the varying affects of culture of an
area on the opinions of population
regarding the usage of authentication
technology.
“biometrics would be one of the most
secure methods of identification”
“I think biometric technologies are very
safe and reliable to use for personal
identification of an individual instead of
passwords. It ensures protection against
unauthorized access.”
The above-mentioned quotes are taken
from general public of India. (Riley, C.,
Buckner, K., Johnson, G., Benyon, D.
2009). These quotes show that people of
India are generally satisfied with the use
biometrics instead of passwords. Now
there can be number of reasons for this
cultural acceptance of biometrics. The
chief among them is the trend in India to
encourage the youngsters to get their
education in information technology. Their
government provides incentives to those
who masters in technology and thus
general population is encouraged to accept
all the new technologies without actually
thinking through the problems that are
associated with them. Another reason
might be the high illiteracy rate within
India. Almost everyone in India carries a
smart phone, even those who are not very
literate and they also want to protect their
phones from unauthorized access. Hence,
they prefer biometrics instead of
remembering long-winded passwords that
is very difficult for them. Due to these
cultural differences, people of India prefer
biometrics instead of passwords.
“my main concern is safety- if my body
parts are like access keys, there is a threat
to me?”
“there are some criminals that pay more
attention to details in their profession than
law-abiding folks do to theirs. They have
resources to beat any system, and I don’t
think biometric technology is any different.
(Riley, C., Buckner, K., Johnson, G.,
Benyon, D. 2009)
Now these quotes from general population
of South Africa clearly shows different
cultural values. They interpret the
technology in a completely different way
than the Indians. Their society is much
more prone to crime and thus the people
fear how the use of this technologies will
affect their personal safety. For example, if
a thief was to stole their mobile, he would
also need them to actually open that mobile
if they were using biometric technology,
hence their life could be in immense
danger every time they walk out of the
house. This is a risk that an average South
African is not willing to take and thus they
stick with password-based authentication.
I am concerned about the reliability of the
equipment of and personal consequences
of system failure.”
(Riley, C., Buckner, K., Johnson, G.,
Benyon, D. 2009)
Now, in United Kingdom where there is
neither the danger of uncontrolled crime,
nor there is high level of illiteracy, the least
number of people voted in favor of
biometric authentication system. This is
because in their culture, the children are
taught from a very young age to not follow
anything blindly and to make their own
decision. This makes them question the
safety of biometric system and how their
data will be used once it is captured. They
think that the government or other
organizations might access their
fingerprints and use them for other
purposes such as accessing their private
information. For example, in China the
biometric technology is being used to
heavily control the population and also a
DNA registry is being made over there
which is ethically very wrong.
(Comparitech, 2021)
Discussions:
From the above examples it is seen that
people of three different countries view the
same technology in a different light due to
their varying cultural backgrounds.
(Riley, C., Buckner, K., Johnson, G.,
Benyon, D. 2009)
Varying levels of information about the
biometrics in different societies might also
be a reason of cross-cultural contrast that is
witnessed. Since more Indians are familiar
with the technology as 46% of Indian
undergraduate studies technology
compared to only 37% of British students
(Royal Society, 2006), a greater proportion
of Indians reacted favorably towards
biometrics as compared to password-based
authentication. The graph below from
(Riley, C., Buckner, K., Johnson, G.,
Benyon, D. 2009) also stresses on this
point.
It is possible that as people grows more
aware of the technology with passing time,
some of their fears might dissipate and
they might warm up to the newer
technology as compared to the
authentication by passwords.
Conclusion:
The security of mobile devices is a major
concern for all the users as their mobile is a
host for a lot of personal data. This security
was provided by passwords and PINS
since a very long time. But with an
introduction of newer technologies, people
are genuinely divided regarding its
usefulness. The design companies should
keep in mind the cross-cultural differences
in peoples’ opinions before implementing
any authentication technology. This will
not only help satisfy the customers but also
keep them in profits.
References:
1. Riley, C., Buckner, K., Johnson,
G., Benyon, D. (2009) Culture and
Biometrics: Regional differences in
 perception of biometric
authentication technologies.
2. Biometric data: 96 countries ranked
by how they are collecting it and
what they are doing with it.
Retrieved by:
http://www.comparitech.com/
blog/vpn-privacy/biometric-data-
study/
3. Chohan, R., Tanwar, R., (2019)
password-less authentication:
methods for user verification and
identification to login securely over
remote sites.
4. N.L. Clarke, S.M. Furnell, (2006).
A composite user authentication
architecture for mobile devices.
Journal of Information warfare,
2(5), 11-29.