A popular saying in information security is, “Given a choice between dancing pigs and security, users will pick dancing pigs every time.” However, this statement is unfair—insights from neuroscience show that users’ seemingly lazy or careless security behaviors are not necessarily careless at all, but are a natural consequence of how the brain works.
In this talk, we’ll show how neuroscience can be used to better understand users’ security behavior and design more usable security UI. To illustrate, we’ll share insights from of a series of experiments that combine functional magnetic resonance imaging (fMRI) and traditional usability testing. The results reveal the substantial effect of neurobiology on users’ security behavior, and suggest practical ways to improve security UI.
This is a joint work with Bonnie Anderson, Jeff Jenkins, and Brock Kirwan of the Neurosecurity Lab (http://neurosecurity.byu.edu) at Brigham Young University.
