iBet uBet web content aggregator. Adding the entire web to your favor.
iBet uBet web content aggregator. Adding the entire web to your favor.



Link to original content: https://doi.org/10.1007/978-3-319-27659-5_19
On the Viability of CAPTCHAs for use in Telephony Systems: A Usability Field Study | SpringerLink
Skip to main content
Springer Nature Link
Log in

On the Viability of CAPTCHAs for use in Telephony Systems: A Usability Field Study

  • Conference paper
  • First Online:
Information Security

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7807))

  • 782 Accesses

Abstract

Telephony systems are imperative for information exchange offering low cost services and reachability to millions of customers. They have not only benefited legitimate users but have also opened up a convenient communication medium for spammers. Voice spam is often encountered on telephony systems in various forms, such as by means of an automated telemarketing call asking to call a number to win a reward. A large percentage of voice spam is generated through automated system which introduces the classical challenge of distinguishing machines from humans on telephony systems. CAPTCHA is a conventional solution deployed on the web to address this problem. Audio-based CAPTCHAs have been proposed as a solution to curb voice spam. In this paper, we conducted a field study with 90 participants in order to answer two primary research questions: quantifying the amount of inconvenience telephony-based CAPTCHA may cause to users, and how various features of the CAPTCHA, such as duration and size, influence usability of telephony-based CAPTCHA. Our results suggest that currently proposed CAPTCHAs are far from usable, with very low solving accuracies, high solving times and poor overall user experience. We provide certain guidelines that may help improve existing CAPTCHAs for use in telephony systems.

The total length of this paper, when put in LNCS format, is at most 16 pages.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Softphone is an application that allows a desktop, laptop or workstation computer to work as a telephone via Voice over IP technology e.g. Skype.

  2. 2.

    https://login.yahoo.com/config/login?.

  3. 3.

    http://slashdot.org/.

  4. 4.

    FreeSWITCH is one of the open source telephony platforms which has enabled easy access to telephony often required by various businesses. http://www.freeswitch.org//.

  5. 5.

    https://slashdot.org/my/newuser.

  6. 6.

    Given that SUS is 68 for average usable system.http://www.measuringusability.com/sus.php.

  7. 7.

    Are you human Captcha. Secure from All Angles, http://areyouahuman.com/security/.

References

  1. The Dark Side of Voice. http://content.yudu.com/A1qlhz/CommsDealerJan11/resources/38.htm

  2. FTC Robocalls Challenge (2012). http://robocall.challenge.gov/submissions/

  3. Andreas, N.K., Schmidt, U., Khayari, R.E.: Spam over internet telephony and how to deal with it. arXiv preprint arXiv:0806.1610 (2008)

  4. Baird, H., Bentley, J., Lopresti, D., Wang, S.-Y.: Methods and Apparatus for Defending Against Telephone-Based Robotic Attacks Using Contextual-Based Degradation. United States Patent (2011)

    Google Scholar 

  5. Baird, H., Bentley, J., Lopresti, D., Wang, S.-Y.: Methods and Apparatus for Defending against Telephone-Based Robotic Attacks using Random Rersonal Codes. United States Patent (2011)

    Google Scholar 

  6. Balasubramaniyan, V.A., Poonawalla, A., Ahamad, M., Hunter, M.T., Traynor, P.: PinDr0p: using single-ended audio features to determine call provenance. In: Proceedings of the 17th ACM Conference on Computer and Communications Security. ACM (2010)

    Google Scholar 

  7. Bigham, J.P., Cavender, A.C.: Evaluating existing audio CAPTCHAs and an interface optimized for non-visual use. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM (2009)

    Google Scholar 

  8. Bonneau, D.G., Blanchard, H.E.: Human Factors and Voice Interactive Systems. Signals and Communication Technology. Springer, New York (2008)

    Google Scholar 

  9. Bradley, J.: Complete counterbalancing of immediate sequential effects in a latin square design. J. Am. Stat. Assoc. 53(282), 525–528 (1958)

    Article  MATH  Google Scholar 

  10. Bursztein, E., Bethard, S., Fabry, C., J. Mitchell, C., Jurafsky, D.: How good are humans at solving CAPTCHAs? a large scale evaluation. In: IEEE Symposium on Security and Privacy (SP) (2010)

    Google Scholar 

  11. Canadian election robocall scan. http://news.nationalpost.com/2012/03/05/robocalls-scandal-likely-the-fault-of-elections-canada-tory-mp/

  12. Cooper, G.: Research into cognitive load theory and instructional design at UNSW. http://webmedia.unmc.edu/leis/birk/CooperCogLoad.pdf (1998)

  13. Cranor, L.F.: A framework for reasoning about the human in the loop. In: Usability, Psychology, and Security (2008)

    Google Scholar 

  14. Datta, R., Li, J., Wang, J.Z.: Imagination: a robust image-based captcha generation system. In: MULTIMEDIA 2005, pp. 331–334 (2005)

    Google Scholar 

  15. Federal Trade Commission. Robocalls: All the rage, an FTC summit. http://www.ftc.gov/bcp/workshops/robocalls/docs/RobocallSummitTranscrip t.pdf (2012)

  16. Sauer, G., Hochheiser, H., Feng, J., Lazar, J.: Towards a universally usable CAPTCHA. In: Symposium On Usable Privacy and Security (2008)

    Google Scholar 

  17. Gross, J.N.: Captcha Using Challenges Optimized for distinguishing between humans and machines. U.S. Patent Application (2009)

    Google Scholar 

  18. Hoffstadt, D., Sorge, C., Rebahi, Y.: Spam over internet telephony. http://www.tu-chemnitz.de/etit/kn/Zukunft_der_Netze/presentation_hoffstadt.pdf

  19. International Telecommunication Union. Measuring the information Society. http://www.itu.int/ITU-D/ict/publications/idi/material/2012/MIS2012_wi thout_Annex_4.pdf

  20. Elson, J., Douceur, J., Howell, J., Saul, J.: Asirra: a CAPTCHA that exploits interest-aligned manual image categorization. In: ACM Conference on Computer and Communications Security (2007)

    Google Scholar 

  21. Yan, J., Ahmad, A.: Usability of CAPTCHAs or usability issues in CAPTCHA design. In: Symposium on Usable Privacy and Security (2008)

    Google Scholar 

  22. Jakobsson, M., Akavipat, R.: Rethinking passwords to adapt to constrained keyboards. In: MoST (2012)

    Google Scholar 

  23. Jakobsson, M., Ramzan, Z.: Crimeware: Understanding New Attacks and Defenses. Symantec Press, Cupertino (2008)

    Google Scholar 

  24. Johansen, A.J.: Improvement of spit prevention technique based on turing test. Master’s thesis. Mahanakorn University of Technology (2010)

    Google Scholar 

  25. Kluever, K., Zanibbi, R.: Balancing usability and security in a video CAPTCHA. In: Symposium On Usable Privacy and Security, pp. 1–11 (2009)

    Google Scholar 

  26. Lazar et al. POSTER: Assessing the Usability of the new Radio Clip Based Human Interaction Proofs. Symposium On Usable Privacy and Security (2010)

    Google Scholar 

  27. Martin, S.: Hold the Phone-Will TDoS Be Your Next Big Threat? http://bankinnovation.net/2013/07/hold-the-phone-will-tdos-be-your-next-big-threat/, July 2013

  28. Polakis, I., Kontaxis, G., Ioannidis, S.: CAPTCHuring automated (smart) phone attacks. In: SysSec Workshop (SysSec), 2011 First. IEEE (2011)

    Google Scholar 

  29. Quittek, J., Niccolini, S., Tartarelli, S., Stiemerling, M., Brunner, M., Ewald, T.: Detecting spit calls by checking human communication patterns. In: IEEE International Conference on Communications, ICC 2007. IEEE (2007)

    Google Scholar 

  30. Chow, R., Golle, P., Jakobsson, M., Wang, L., Wang, X.: Making CAPTCHAs clickable. In: HotMobile (2008)

    Google Scholar 

  31. Ross, S., Halderman, J., Finkelstein, A.: Sketcha: a CAPTCHA based on line drawings of 3D models. In: Conference on World Wide Web (WWW) (2010)

    Google Scholar 

  32. Soupionis, Y., Gritzalis, D.: Audio CAPTCHA: existing solutions assessment and a new implementation for VoIP telephony. Comput. Secur. 29, 603–618 (2010)

    Article  Google Scholar 

  33. Soupionis, Y., Tountas, G., Gritzalis, D.: Audio CAPTCHA for SIP-based VoIP. In: Gritzalis, D., Lopez, J. (eds.) SEC 2009. IFIP AICT, vol. 297, pp. 25–38. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  34. The Federal Bureau of Investigation. The Latest Phone Scam Targets Your Bank Account. http://www.fbi.gov/news/stories/2010/june/phone-scam, June 2010

  35. Tsiakis, T., Katsaros, P., Gritzalis, D.: Economic evaluation of interactive audio media for securing internet services. In: ICGS3/e-Democracy, pp. 46–53 (2011)

    Google Scholar 

  36. von Ahn, L., Blum, M., Langford, J.: Telling Humans and Computers Apart (Automatically) or How Lazy Cryptographers Do AI. Computer Science Department 149 (2002)

    Google Scholar 

  37. Zhang, H., Wen, X., He, P., Zheng, W.: Dealing with telephone fraud using captcha. In: ICIS (2009)

    Google Scholar 

Download references

Acknowledgements

The research of the first author is supported by TCS (Tata Consultancy Service) Research Scholarship. We would like to thank Dr. Iulia Ion and Paridhi Jain for their input on the study. The authors would also like to thank International Development Research Centre (IRDC) and all members of PreCog research group at IIIT-Delhi. We would like to thank Siddhartha Asthana for helping in deployment of the system and all participants in the study.

Author information

Authors and Affiliations

  1. IIIT-Delhi, New Delhi, India

    Niharika Sachdeva & Ponnurangam Kumaraguru

  2. University of Alabama at Birmingham, Birmingham, USA

    Nitesh Saxena

Authors
  1. Niharika Sachdeva
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nitesh Saxena
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ponnurangam Kumaraguru
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Niharika Sachdeva .

Editor information

Editors and Affiliations

  1. University of Texas at Dallas, Richardson, Texas, USA

    Yvo Desmedt

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Sachdeva, N., Saxena, N., Kumaraguru, P. (2015). On the Viability of CAPTCHAs for use in Telephony Systems: A Usability Field Study. In: Desmedt, Y. (eds) Information Security. Lecture Notes in Computer Science(), vol 7807. Springer, Cham. https://doi.org/10.1007/978-3-319-27659-5_19

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-27659-5_19

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27658-8

  • Online ISBN: 978-3-319-27659-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation