Publications
WORKSHOP (INTERNATIONAL) User Verification System using Location-based Dynamic Questions for Account Recovery
Shuji Yamaguchi, Hidehito Gomi, Tetsutaro Uehara (Ritsumeikan University)
Workshop on Designing Security for the Web (SecWeb 2024)
May 23, 2024
This paper introduces a novel application of LocUS for enhancing account recovery processes. It leverages users' location histories to estimate visited places, selects suitable points from these locations to frame questions, and then generates questions with corresponding choices. Preliminary experiments included a survey with 1,000 participants to gauge the social acceptability and prerequisites for generating such questions. Additionally, a smaller scale manual question generation experiment with eight participants demonstrated high accuracy in responses and a favorable attitude towards our method. Building on these insights, we automated the question generation process and validated it with 14 participants, achieving an 86% average accuracy rate in responses. This study underscores the potential of using location history in security practices, though it also highlights challenges such as acquiring precise location data and refining question generation methods. Our future efforts will aim to overcome these challenges, ensuring our approach's comprehensive reliability and applicability across different contexts.
Paper :
User Verification System using Location-based Dynamic Questions for Account Recovery
(external link)