Visible to the public Biblio

Filters: Author is Merrill, Nick  [Clear All Filters]
2019-11-11
Pierce, James, Fox, Sarah, Merrill, Nick, Wong, Richmond, DiSalvo, Carl.  2018.  An Interface Without A User: An Exploratory Design Study of Online Privacy Policies and Digital Legalese. Proceedings of the 2018 Designing Interactive Systems Conference. :1345–1358.
Privacy policies are critical to understanding one's rights on online platforms, yet few users read them. In this pictorial, we approach this as a systemic issue that is part a failure of interaction design. We provided a variety of people with printed packets of privacy policies, aiming to tease out this form's capabilities and limitations as a design interface, to understand people's perception and uses, and to critically imagine pragmatic revisions and creative alternatives to existing privacy policies.
2018-07-18
Merrill, Nick, Curran, Max T., Chuang, John.  2017.  Is the Future of Authenticity All In Our Heads?: Moving Passthoughts From the Lab to the World Proceedings of the 2017 New Security Paradigms Workshop. :70–79.

Passthoughts, in which a user thinks a secret thought to log in to services or devices, provides two factors of authentication (knowledge and inherence) in a single step. Since its proposal in 2005, passthoughts enjoyed a number of successful empirical studies. In this paper, we renew the promise of passthoughts authentication, outlining the main challenges that passthoughts must overcome in order to move from the lab to the real world. We propose two studies, which seek different angles at the fundamental questions we pose. Further, we propose it as a fruitful case study for thinking about what authentication can, and should, be expected to do, as it pushes up against questions of what sorts of "selves" authentication systems must be tasked with recognizing. Through this discussion, we raise novel possibilities for authentication broadly, such as "organic passwords" that change naturally over time, or systems that reject users who are not acting quite "like themselves."

2018-01-16
Curran, Max T., Merrill, Nick, Chuang, John, Gandhi, Swapan.  2017.  One-step, Three-factor Authentication in a Single Earpiece. Proceedings of the 2017 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2017 ACM International Symposium on Wearable Computers. :21–24.

Multifactor authentication presents a robust security method, but typically requires multiple steps on the part of the user resulting in a high cost to usability and limiting adoption. Furthermore, a truly usable system must be unobtrusive and inconspicuous. Here, we present a system that provides all three factors of authentication (knowledge, possession, and inherence) in a single step in the form of an earpiece which implements brain-based authentication via custom-fit, in-ear electroencephalography (EEG). We demonstrate its potential by collecting EEG data using manufactured custom-fit earpieces with embedded electrodes. Across 7 participants, we are able to achieve perfect performance, mean 0% false acceptance (FAR) and 0% false rejection rates (FRR), using participants' best performing tasks collected in one session by one earpiece with three electrodes. Our results indicate that a single earpiece with embedded electrodes could provide a discreet, convenient, and robust method for secure one-step, three-factor authentication.