Replication study: a cross-country field observation study of real world PIN usage at ATMs and in various electronic payment scenarios: towards understanding why people do, or do not, shield PIN entry

Melanie Volkamer, Andreas Gutmann, Karen Renaud, Paul Gerber, Peter Mayer

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Downloads (Pure)

Abstract

In this paper, we describe the study we carried out to replicate and extend the field observation study of real world ATM use carried out by De Luca et al., published at the SOUPS conference in 2010. Replicating De Luca et al.'s study, we observed PIN shielding rates at ATMs in Germany. We then extended their research by conducting a similar field observation study in Sweden and the United Kingdom. Moreover, in addition to observing ATM users (withdrawing), we also observed electronic payment scenarios requiring PIN entry. Altogether, we gathered data related to 930 observations. Similar to De Luca et al., we conducted follow-up interviews, the better to interpret our findings. We were able to confirm De Luca et al.'s findings with respect to low PIN shielding incidence during ATM cash withdrawals, with no significant differences between shielding rates across the three countries. PIN shielding incidence during electronic payment scenarios was significantly lower than incidence during ATM withdrawal scenarios in both the United Kingdom and Sweden. Shielding levels in Germany were similar during both withdrawal and payment scenarios. We conclude the paper by suggesting a number of explanations for the differences in shielding that our study revealed.
Original languageEnglish
Title of host publicationProceedings of the Fourteenth Symposium on Usable Privacy and Security
PublisherUSENIX Association
Pages1-11
Number of pages11
ISBN (Print)9781931971454
Publication statusPublished - 31 Aug 2018
Event14th Symposium on Usable Privacy and Security - Baltimore Marriott Waterfront, Baltimore, United States
Duration: 12 Aug 201814 Aug 2018
Conference number: 14
https://www.usenix.org/conference/soups2018

Other

Other14th Symposium on Usable Privacy and Security
Abbreviated titleSOUPS 2018
CountryUnited States
CityBaltimore
Period12/08/1814/08/18
Internet address

Fingerprint

airborne thematic mapper
shield
electronics

Cite this

Volkamer, M., Gutmann, A., Renaud, K., Gerber, P., & Mayer, P. (2018). Replication study: a cross-country field observation study of real world PIN usage at ATMs and in various electronic payment scenarios: towards understanding why people do, or do not, shield PIN entry. In Proceedings of the Fourteenth Symposium on Usable Privacy and Security (pp. 1-11). USENIX Association.
Volkamer, Melanie ; Gutmann, Andreas ; Renaud, Karen ; Gerber, Paul ; Mayer, Peter. / Replication study : a cross-country field observation study of real world PIN usage at ATMs and in various electronic payment scenarios: towards understanding why people do, or do not, shield PIN entry. Proceedings of the Fourteenth Symposium on Usable Privacy and Security. USENIX Association, 2018. pp. 1-11
@inproceedings{ef54127a4088458e9c674c78194ae355,
title = "Replication study: a cross-country field observation study of real world PIN usage at ATMs and in various electronic payment scenarios: towards understanding why people do, or do not, shield PIN entry",
abstract = "In this paper, we describe the study we carried out to replicate and extend the field observation study of real world ATM use carried out by De Luca et al., published at the SOUPS conference in 2010. Replicating De Luca et al.'s study, we observed PIN shielding rates at ATMs in Germany. We then extended their research by conducting a similar field observation study in Sweden and the United Kingdom. Moreover, in addition to observing ATM users (withdrawing), we also observed electronic payment scenarios requiring PIN entry. Altogether, we gathered data related to 930 observations. Similar to De Luca et al., we conducted follow-up interviews, the better to interpret our findings. We were able to confirm De Luca et al.'s findings with respect to low PIN shielding incidence during ATM cash withdrawals, with no significant differences between shielding rates across the three countries. PIN shielding incidence during electronic payment scenarios was significantly lower than incidence during ATM withdrawal scenarios in both the United Kingdom and Sweden. Shielding levels in Germany were similar during both withdrawal and payment scenarios. We conclude the paper by suggesting a number of explanations for the differences in shielding that our study revealed.",
author = "Melanie Volkamer and Andreas Gutmann and Karen Renaud and Paul Gerber and Peter Mayer",
year = "2018",
month = "8",
day = "31",
language = "English",
isbn = "9781931971454",
pages = "1--11",
booktitle = "Proceedings of the Fourteenth Symposium on Usable Privacy and Security",
publisher = "USENIX Association",
address = "United States",

}

Volkamer, M, Gutmann, A, Renaud, K, Gerber, P & Mayer, P 2018, Replication study: a cross-country field observation study of real world PIN usage at ATMs and in various electronic payment scenarios: towards understanding why people do, or do not, shield PIN entry. in Proceedings of the Fourteenth Symposium on Usable Privacy and Security. USENIX Association, pp. 1-11, 14th Symposium on Usable Privacy and Security, Baltimore, United States, 12/08/18.

Replication study : a cross-country field observation study of real world PIN usage at ATMs and in various electronic payment scenarios: towards understanding why people do, or do not, shield PIN entry. / Volkamer, Melanie; Gutmann, Andreas; Renaud, Karen; Gerber, Paul; Mayer, Peter.

Proceedings of the Fourteenth Symposium on Usable Privacy and Security. USENIX Association, 2018. p. 1-11.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Replication study

T2 - a cross-country field observation study of real world PIN usage at ATMs and in various electronic payment scenarios: towards understanding why people do, or do not, shield PIN entry

AU - Volkamer, Melanie

AU - Gutmann, Andreas

AU - Renaud, Karen

AU - Gerber, Paul

AU - Mayer, Peter

PY - 2018/8/31

Y1 - 2018/8/31

N2 - In this paper, we describe the study we carried out to replicate and extend the field observation study of real world ATM use carried out by De Luca et al., published at the SOUPS conference in 2010. Replicating De Luca et al.'s study, we observed PIN shielding rates at ATMs in Germany. We then extended their research by conducting a similar field observation study in Sweden and the United Kingdom. Moreover, in addition to observing ATM users (withdrawing), we also observed electronic payment scenarios requiring PIN entry. Altogether, we gathered data related to 930 observations. Similar to De Luca et al., we conducted follow-up interviews, the better to interpret our findings. We were able to confirm De Luca et al.'s findings with respect to low PIN shielding incidence during ATM cash withdrawals, with no significant differences between shielding rates across the three countries. PIN shielding incidence during electronic payment scenarios was significantly lower than incidence during ATM withdrawal scenarios in both the United Kingdom and Sweden. Shielding levels in Germany were similar during both withdrawal and payment scenarios. We conclude the paper by suggesting a number of explanations for the differences in shielding that our study revealed.

AB - In this paper, we describe the study we carried out to replicate and extend the field observation study of real world ATM use carried out by De Luca et al., published at the SOUPS conference in 2010. Replicating De Luca et al.'s study, we observed PIN shielding rates at ATMs in Germany. We then extended their research by conducting a similar field observation study in Sweden and the United Kingdom. Moreover, in addition to observing ATM users (withdrawing), we also observed electronic payment scenarios requiring PIN entry. Altogether, we gathered data related to 930 observations. Similar to De Luca et al., we conducted follow-up interviews, the better to interpret our findings. We were able to confirm De Luca et al.'s findings with respect to low PIN shielding incidence during ATM cash withdrawals, with no significant differences between shielding rates across the three countries. PIN shielding incidence during electronic payment scenarios was significantly lower than incidence during ATM withdrawal scenarios in both the United Kingdom and Sweden. Shielding levels in Germany were similar during both withdrawal and payment scenarios. We conclude the paper by suggesting a number of explanations for the differences in shielding that our study revealed.

UR - https://www.youtube.com/watch?v=8q6FL0SLc4k

M3 - Conference contribution

SN - 9781931971454

SP - 1

EP - 11

BT - Proceedings of the Fourteenth Symposium on Usable Privacy and Security

PB - USENIX Association

ER -

Volkamer M, Gutmann A, Renaud K, Gerber P, Mayer P. Replication study: a cross-country field observation study of real world PIN usage at ATMs and in various electronic payment scenarios: towards understanding why people do, or do not, shield PIN entry. In Proceedings of the Fourteenth Symposium on Usable Privacy and Security. USENIX Association. 2018. p. 1-11