Alphacodes

Usable, secure transactions with untrusted providers using human computable puzzles

Ashlesh Sharma, Varun Chandrasekaran, Fareeha Amjad, Dennis Shasha, Lakshminarayanan Subramanian

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Many banking and commerce payment systems in developing regions require users to share private or sensitive information in clear-text with untrusted providers, exposing them to different forms of man-in-the-middle attacks. In this paper, we introduce Alphacodes, a new paradigm that enables users to secure transactions with untrusted parties using the notion of human-computable visual puzzles. We describe how Alphacodes can be applied in different use cases and also explain two simple applications that we have built using this framework. We motivate our solution using security vulnerabilities in existing systems, and show how our protocol overcomes them. We demonstrate the ease of use of Alphacodes with minimal training using two simple crowdsourcing studies. Using another simple real world user study involving 10 users who speak Kannada (a regional Indian language), we show that the Alphacodes paradigm can be easily extended to languages beyond English.

Original languageEnglish (US)
Title of host publicationProceedings of the 7th Annual Symposium on Computing for Development, ACM DEV-7 2016
PublisherAssociation for Computing Machinery, Inc
ISBN (Electronic)9781450346498
DOIs
StatePublished - Nov 18 2016
Event7th ACM Symposium on Computing for Development, ACM DEV 2016 - Nairobi, Kenya
Duration: Nov 18 2016Nov 20 2016

Other

Other7th ACM Symposium on Computing for Development, ACM DEV 2016
CountryKenya
CityNairobi
Period11/18/1611/20/16

Keywords

  • Alphacodes
  • Branchless Banking
  • Human Computation Puzzles
  • Usable Security

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Computational Theory and Mathematics

Cite this

Sharma, A., Chandrasekaran, V., Amjad, F., Shasha, D., & Subramanian, L. (2016). Alphacodes: Usable, secure transactions with untrusted providers using human computable puzzles. In Proceedings of the 7th Annual Symposium on Computing for Development, ACM DEV-7 2016 [a5] Association for Computing Machinery, Inc. https://doi.org/10.1145/3001913.3001924

Alphacodes : Usable, secure transactions with untrusted providers using human computable puzzles. / Sharma, Ashlesh; Chandrasekaran, Varun; Amjad, Fareeha; Shasha, Dennis; Subramanian, Lakshminarayanan.

Proceedings of the 7th Annual Symposium on Computing for Development, ACM DEV-7 2016. Association for Computing Machinery, Inc, 2016. a5.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Sharma, A, Chandrasekaran, V, Amjad, F, Shasha, D & Subramanian, L 2016, Alphacodes: Usable, secure transactions with untrusted providers using human computable puzzles. in Proceedings of the 7th Annual Symposium on Computing for Development, ACM DEV-7 2016., a5, Association for Computing Machinery, Inc, 7th ACM Symposium on Computing for Development, ACM DEV 2016, Nairobi, Kenya, 11/18/16. https://doi.org/10.1145/3001913.3001924
Sharma A, Chandrasekaran V, Amjad F, Shasha D, Subramanian L. Alphacodes: Usable, secure transactions with untrusted providers using human computable puzzles. In Proceedings of the 7th Annual Symposium on Computing for Development, ACM DEV-7 2016. Association for Computing Machinery, Inc. 2016. a5 https://doi.org/10.1145/3001913.3001924
Sharma, Ashlesh ; Chandrasekaran, Varun ; Amjad, Fareeha ; Shasha, Dennis ; Subramanian, Lakshminarayanan. / Alphacodes : Usable, secure transactions with untrusted providers using human computable puzzles. Proceedings of the 7th Annual Symposium on Computing for Development, ACM DEV-7 2016. Association for Computing Machinery, Inc, 2016.
@inproceedings{324afb3358224aeaaf4eb06a5afd5f17,
title = "Alphacodes: Usable, secure transactions with untrusted providers using human computable puzzles",
abstract = "Many banking and commerce payment systems in developing regions require users to share private or sensitive information in clear-text with untrusted providers, exposing them to different forms of man-in-the-middle attacks. In this paper, we introduce Alphacodes, a new paradigm that enables users to secure transactions with untrusted parties using the notion of human-computable visual puzzles. We describe how Alphacodes can be applied in different use cases and also explain two simple applications that we have built using this framework. We motivate our solution using security vulnerabilities in existing systems, and show how our protocol overcomes them. We demonstrate the ease of use of Alphacodes with minimal training using two simple crowdsourcing studies. Using another simple real world user study involving 10 users who speak Kannada (a regional Indian language), we show that the Alphacodes paradigm can be easily extended to languages beyond English.",
keywords = "Alphacodes, Branchless Banking, Human Computation Puzzles, Usable Security",
author = "Ashlesh Sharma and Varun Chandrasekaran and Fareeha Amjad and Dennis Shasha and Lakshminarayanan Subramanian",
year = "2016",
month = "11",
day = "18",
doi = "10.1145/3001913.3001924",
language = "English (US)",
booktitle = "Proceedings of the 7th Annual Symposium on Computing for Development, ACM DEV-7 2016",
publisher = "Association for Computing Machinery, Inc",

}

TY - GEN

T1 - Alphacodes

T2 - Usable, secure transactions with untrusted providers using human computable puzzles

AU - Sharma, Ashlesh

AU - Chandrasekaran, Varun

AU - Amjad, Fareeha

AU - Shasha, Dennis

AU - Subramanian, Lakshminarayanan

PY - 2016/11/18

Y1 - 2016/11/18

N2 - Many banking and commerce payment systems in developing regions require users to share private or sensitive information in clear-text with untrusted providers, exposing them to different forms of man-in-the-middle attacks. In this paper, we introduce Alphacodes, a new paradigm that enables users to secure transactions with untrusted parties using the notion of human-computable visual puzzles. We describe how Alphacodes can be applied in different use cases and also explain two simple applications that we have built using this framework. We motivate our solution using security vulnerabilities in existing systems, and show how our protocol overcomes them. We demonstrate the ease of use of Alphacodes with minimal training using two simple crowdsourcing studies. Using another simple real world user study involving 10 users who speak Kannada (a regional Indian language), we show that the Alphacodes paradigm can be easily extended to languages beyond English.

AB - Many banking and commerce payment systems in developing regions require users to share private or sensitive information in clear-text with untrusted providers, exposing them to different forms of man-in-the-middle attacks. In this paper, we introduce Alphacodes, a new paradigm that enables users to secure transactions with untrusted parties using the notion of human-computable visual puzzles. We describe how Alphacodes can be applied in different use cases and also explain two simple applications that we have built using this framework. We motivate our solution using security vulnerabilities in existing systems, and show how our protocol overcomes them. We demonstrate the ease of use of Alphacodes with minimal training using two simple crowdsourcing studies. Using another simple real world user study involving 10 users who speak Kannada (a regional Indian language), we show that the Alphacodes paradigm can be easily extended to languages beyond English.

KW - Alphacodes

KW - Branchless Banking

KW - Human Computation Puzzles

KW - Usable Security

UR - http://www.scopus.com/inward/record.url?scp=85013194960&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85013194960&partnerID=8YFLogxK

U2 - 10.1145/3001913.3001924

DO - 10.1145/3001913.3001924

M3 - Conference contribution

BT - Proceedings of the 7th Annual Symposium on Computing for Development, ACM DEV-7 2016

PB - Association for Computing Machinery, Inc

ER -