Effects of culture on graphical password image selection and design
| Pages | 73-95 |
| DOI | https://doi.org/10.1108/JSIT-08-2019-0157 |
| Published date | 11 April 2020 |
| Date | 11 April 2020 |
| Author | Mona Mohamed,Joyram Chakraborty,Sharma Pillutla |
| Subject Matter | Information & knowledge management,Information systems,Information & communications technology |
Effects of culture on graphical
password image
selection and design
Mona Mohamed
Department of Business Analytics and Technology Management,
Towson University, Towson, Maryland, USA
Joyram Chakraborty
Department of Computer and Information Sciences, Towson University,
Towson, Maryland, USA, and
Sharma Pillutla
Department of Business Analytics and Technology Management,
Towson State University, Towson, Maryland, USA
Abstract
Purpose –The purpose of this studyis to examine the effects of culture on the cross-culturaldesign of the
recognition-based graphicalpassword (RBG-P) interface as inferred from Chineseand Saudi subjects’image
selections.
Design/methodology/approach –The authors use a between-group design adopted using two
groups of participants from China and the Kingdom of Saudi Arabia to measure the differences caused
by the effects of cultures on graphical password image selections. Three hypotheses have been tested in
a four-week long study carried out using two questionnaires and an RBG-P webtool designed for images
selection.
Findings –The results have indicated that participants are equally biased not only toward
their own culture but also depending on their opinions about other cultures. In addition,
when creating the password, it has been observed that culture not only influenced the image
selection to create the password but also have an effect on the sequence of the images forming the
password.
Research limitations/implications –Appropriately used image selection differences can be used
appropriately in cross-culturaldesigns that will lead to better development of culturally adaptiveinterfaces
that will boost the securityposture of RBG-P authentication.
Practical implications –Some RBG-P interfaces that are produced outside the designer’s culture may
suffer the effects of culturaldifferences. Hence, to incorporate culture in the interface, authenticationsystems
within applications should be flexible bydesigning images that fit the culture in which the software will be
used. To this end,access control interface testing should alsobe carried out in the environmental and cultural
contextin which it is will be used.
Originality/value –This paper provides useful information for international developers who develop
cross-cultural usable secure designs. In such environments, the cross-culturally designs may have
This research received no specific grant from any funding agency in the public, commercial or
nonprofit sectors. The study, in this paper, is part of a larger research project proposal approved
according to Towson University requirements for the ethical conduct of research that involves
human participants. The proposal has been reviewed and signed by the Towson University
institutional review board chairman with an approval number of 16-A082.
Effects of
culture
73
Received10 August 2019
Revised5 December 2019
19March 2020
Accepted19 March 2020
Journalof Systems and
InformationTechnology
Vol.22 No. 1, 2020
pp. 73-95
© Emerald Publishing Limited
1328-7265
DOI 10.1108/JSIT-08-2019-0157
The current issue and full text archive of this journal is available on Emerald Insight at:
https://www.emerald.com/insight/1328-7265.htm
significant effects on the acceptability and adoption adaptation of the interface to multi-cultural
settings.
Keywords Hofstede, Authentication, Graphical password, Entropy, Cross-cultural design,
Password complexity
Paper type Research paper
Introduction
Graphical passwords have been used as a potential solution for the vulnerabilities of
alphanumerical passwords because of human memory limitations and/or social engineering
complexities. Research has indicated that it is more difficult to decode graphical passwords
than textual passwords, for which one can use methods such as brute force attack, dictionary
attack, guessing, social engineering and spyware (Bendale et al., 2015;Bhusari, 2013;Chong
and Marsden, 2009;Mclennan et al., 2017;Rao et al., 2013;Ray, 2012;Sahu and Singh, 2015).
Graphical passwords also help to resolve the weakness of alphanumeric password
memorability. Because of this, Rook and Donnell (1993) claimed that graphical interface
expressions would result in higher performance than alphanumeric expressions would.
Many products’interfaces follow specific standards produced in one culture but used by
people from other cultures. For instance, graphical password image interfaces developed in
Western cultures are frequently used by individuals from a wide range of other cultures around
the globe. This has been observed by many scholars, who have advised that for a successful
product, designers must consider diverse cultural attributes during development (Marcus and
Gould, 2001;Parmaxi and Zaphiris, 2016). It is noteworthy that Marcus and Gould (2000) advised
companies that operate in different parts of the world using the web to consider the powerful role
that culture plays in understanding and use of web-based interface and contents. Aljaroodi et al.
(2020) conducted intensive literature and interview thematic analysis on avatar user interface (UI)
design for Arabian culture to develop six general guidelines specifically for Arabian users.
Aljaroodi et al. expected these guidelines to be used by designers to ameliorate avatars UI design
for users of Arabian cultural values and norms.
This research will address the effects of cultural differences in the Kingdom of Saudi Arabia
(KSA) and China on recognition-based graphical password (RBG-P) authentication. The Saudi
and Chinese cultures are characterized by different economic, political, social and religious
environments, which are reflected in their cultural dimensions. There is very little empirical
research on the effect of culture on RBG-P usability. In fact, there has been no study of the effect
of national cultures and subcultures on the usability or security of RBG-Ps in these two countries.
Motivation
There has been a considerable amount of research conducted in the areas of cultural
characteristics, interface usability and information security relationships. However, limited
empirical research can be found on the effects of cross-cultural dimensions on RBG-P
usability. The RBG-P technique uses visual recognition memory that is used to recognize
previously selected images during the registration phase (Renauda and De Angelib, 2004).
Suo et al. (2006) stated that during the registrationphase, the user is offered a set of images,
and if the user identifies or recognizes the images (pass-images) chosen during the
registration process, the user will be authenticated. Cultural attributes as described by
Hofstede et al. (2010) such as power distance, uncertainty, individualism, masculinity,
orientation and indulgence, play a significant role in how individuals handle interactive
products, thus influencingthe way in which communication takes place. Vatrapu and Pérez-
Quiñones (2006) warned that if the cultural influence is ignored, usability evaluation could
JSIT
22,1
74
To continue reading
Request your trial