What Does the Brain Tell Us about Usable Security?

Tuesday, January 31, 2017 - 11:00am11:30am

Anthony Vance, Brigham Young University


A popular saying in information security is, “Given a choice between dancing pigs and security, users will pick dancing pigs every time.” However, this statement is unfair—insights from neuroscience show that users’ seemingly lazy or careless security behaviors are not necessarily careless at all, but are a natural consequence of how the brain works.  

In this talk, we’ll show how neuroscience can be used to better understand users’ security behavior and design more usable security UI. To illustrate, we’ll share insights from of a series of experiments that combine functional magnetic resonance imaging (fMRI) and traditional usability testing. The results reveal the substantial effect of neurobiology on users’ security behavior, and suggest practical ways to improve security UI.

This is a joint work with Bonnie Anderson, Jeff Jenkins, and Brock Kirwan of the Neurosecurity Lab (https://neurosecurity.net/) at Brigham Young University.

Anthony Vance, Brigham Young University

Anthony Vance is an Associate Professor of Information Systems in the Marriott School of Management of Brigham Young University. He has earned Ph.D. degrees in Information Systems from Georgia State University, USA; the University of Paris—Dauphine, France; and the University of Oulu, Finland. He is currently an associate editor at MIS Quarterly. His research focuses on behavioral and neuroscience applications to information security, and has been published in MIS Quarterly, Information Systems Research, Proceedings of the ACM Conference on Human Factors in Computing Systems (CHI),and other outlets.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@conference {202282,
author = {Anthony Vance},
title = {What Does the Brain Tell Us about Usable Security?},
year = {2017},
address = {Oakland, CA},
publisher = {USENIX Association},
month = jan

Presentation Video