Usability of Activity-Based and Image-Based Challenge Questions in Online Student Authentication

  • Abrar UllahEmail author
  • Hannan Xiao
  • Trevor Barker
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9190)


There has been a renewed interest in secure authentication of students in online examinations. Online examinations are important and high stake assets in the context of remote online learning. The logistical challenges and absence of live invigilation in remote un-supervised online examination makes the identification and authentication process extremely difficult. The authors implemented pre-defined text-based challenge questions for student authentication in online examination using a Profile Based Authentication Framework (PBAF) approach. The pre-defined questions require students to register their answers, which causes distraction and usability challenges. In this study, a non-invasive activity-based learning journey questions approach was implemented combined with the image-based questions, using the PBAF approach. Findings of the study shows significant difference in the efficiency of activity-based and image-based questions during the learning process (p < 0.01). There was no significant difference in the accuracy of multiple-choice image-based and activity-based questions (p > 0.01). There was a significant difference in the accuracy of activity-based questions and activity-date questions (p < 0.01).


Online examination Authentication Usability Security 


  1. 1.
    Karaman, S.: Examining the effects of flexible online exams on students’ engagement in e-learning. Educ. Res. Rev. 6(3), 259–264 (2011)Google Scholar
  2. 2.
    Agency, Q.A.: Code of practice for the assurance of academic quality and standards in higher education. Assessment of Students, Second edition (2006)Google Scholar
  3. 3.
    Harmon, O.R., Lambrinos, J., Buffolino, J.: Assessment design and cheating risk in online instruction. Online J. Distance Learn. Adm. 13(3) (2010) Google Scholar
  4. 4.
    Grijalva, T.C.: Academic honesty and online courses. Department of Economics, Weber State University (2006)Google Scholar
  5. 5.
    Whitley, B.E.: Factors associated with cheating among college students: a review. Res. High. Educ. 39(3), 235–274 (1998)MathSciNetCrossRefGoogle Scholar
  6. 6.
    Mccabe, D.L., Treviño, L.K., Butterfield, K.D.: Cheating in academic institutions: a decade of research. Ethics Behav. 11(3), 219–232 (2001)CrossRefGoogle Scholar
  7. 7.
    Lanier, M.M.: Academic integrity and distance learning∗. J. Crim. Justice Educ. 17(2), 244–261 (2006)CrossRefGoogle Scholar
  8. 8.
    Ullah, A., Xiao, H., Lilley, M.: Profile based student authentication in online examination. In: International Conference on Information Society 2012, IEEE, London, UK (2012)Google Scholar
  9. 9.
    Ullah, A., Xiao, H., Barker, T., Lilley, M.: Evaluating security and usability of profile based challenge questions authentication in online examinations. J. Internet Serv. Appl. 5(1), 2 (2014)CrossRefGoogle Scholar
  10. 10.
    Ullah, A., Xiao, H., Barker, T., Lilley, M.: Graphical and text based challenge questions for secure and usable authentication in online examinations. In: The 9th International Conference for Internet Technology and Secured Transactions (ICITST) 2014, IEEE, London, UK (2014)Google Scholar
  11. 11.
    Just, M.: Designing secure yet usable credential recovery systems with challenge questions. In: CHI 2003 Workshop on Human-Computer Interaction and Security Systems 2003, Citeseer, Florada, USA (2003)Google Scholar
  12. 12.
    Just, M., Aspinall, D.: Personal choice and challenge questions: a security and usability assessment. In: Proceedings of the 5th Symposium on Usable Privacy and Security 2009, ACM, CA, USA (2009)Google Scholar
  13. 13.
    Schechter, S., Brush, A.J.B., Egelman, S.: It’s no secret. Measuring the security and reliability of authentication via ‘secret’ questions. In: 30th IEEE Symposium on Security and Privacy 2009, IEEE (2009)Google Scholar
  14. 14.
    Ullah, A., Xiao, H., Lilley, M., Barker, T.: Usability of profile based student authentication and traffic light system in online examination. In: The 7th International Conference for Internet Technology and Secured Transactions (ICITST), IEEE, London, UK (2012)Google Scholar
  15. 15.
    Just, M., Aspinall, D.: Challenging challenge questions. In: Socio-Economic Strand 2009, Oxford University, UK (2009)Google Scholar
  16. 16.
    Griffith, V., Jakobsson, M.: Messin’ with texas deriving mother’s maiden names using public records. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 91–103. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  17. 17.
    Wiedenbeck, S., Waters, J., Birget, J.-C., Brodskiy, A., Memon, N.: Authentication using graphical passwords: effects of tolerance and image choice. In: Proceedings of the 2005 Symposium on Usable Privacy and Security 2005, ACM (2005)Google Scholar
  18. 18.
    Hayashi, E., Hong, J., Christin, N.: Security through a different kind of obscurity: evaluating distortion in graphical authentication schemes. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems 2011, ACM (2011)Google Scholar
  19. 19.
    Rabkin, A.: Personal knowledge questions for fallback authentication: security questions in the era of facebook. In: SOUPS 2008: Proceedings of the 4th Symposium on Usable Privacy and Security 2008, 23, ACM, New York, NY, USA (2008)Google Scholar
  20. 20.
    Babic, A., Xiong, H., Yao, D., Iftode, L.: Building robust authentication systems with activity-based personal questions. In: Proceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration 2009, ACM (2009)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.School of Computer ScienceUniversity of HertfordshireHatfieldUK

Personalised recommendations