|
Size: 798
Comment:
|
Size: 3336
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 7: | Line 7: |
| Do not require explicit authentication by default. Mobiles are personal, so only require authentication for first time entry, very high security situations, and for multi-user devices such as kiosks. Personal mobile devices also all have built in security methods, so users can lock them if security conscious. During setup, you may remind users of these features instead of adding additional security to your application. User identity, whenever known, should be used and as much information in the system displayed as possible before authentication gateways are passed. Authentication may then only require the password. Authentication must be presented in context, so it is clear what system the user is gaining access to, and why the level of security is needed. Entry methods must be designed to encourage ease of access, and prevent miskeying. |
|
| Line 10: | Line 17: |
| Text/numeric entry, using conventional input methods, whether hardware or virtual Virtual, changing pad Pattern Additional entry methods, such as voice, are not yet established enough to have best practices in the mobile space, and therefore no design patterns exist. Remember that entry of credentials is not enough to count as a full security methodology. Recovery, reset and out-of-channel notifications are also required, but are systematic approaches outside the scope of this document. For very high security applications, multi-factor authentication, biometrics and token-based security systems (such as RSA SecureID) must also be considered. |
|
| Line 13: | Line 29: |
| Pop-up or full screen Text Entry not obscured usually... Pad entry (on screen keypad, standard or custom - preference is to randomized if you go this way) Pattern entry (on screen gestural shapes) Provide links to seek help on entry, get more information on security of the system, and to recovery and/or reset methods. |
|
| Line 16: | Line 41: |
| Title and describe... not just app, but section or process. If title does not imply why they need to authenticate, add a description Label fields If identified, provide additional user information, such as their avatar photo and name. Do not just ask for the password with no supporting information |
|
| Line 19: | Line 49: |
| Use caution when obscuring fields. Do not assume that the default password method built into the OS is secure. Most still reveal the character being typed, as required in triple-tap text entry modes. If an obscured entry is required due to use as a kiosk, while attached to a projected device or in other shared situations, be sure to specify how obscured it must be. |
Everything I say about non-obscuring, and notes that you probably don't need it at all; devices are personal and those with secure info better lock the device -- device lock hints: make gestures clear, pattern codes, etc. ALSO, some notes about best practices for pattern and numeric unlock; it is easy to crack a lock by fingerprinty screens, so if truly high security, make it random position -- variation maybe cut by not design but security requirements, and designs that fall from that... Low: None, Mid: Pin/Pattern, High:??? + randomizing and non-form systems so the handset has no way of thwarting you and saving the entry
Problem
Solution
Do not require explicit authentication by default. Mobiles are personal, so only require authentication for first time entry, very high security situations, and for multi-user devices such as kiosks.
Personal mobile devices also all have built in security methods, so users can lock them if security conscious. During setup, you may remind users of these features instead of adding additional security to your application.
User identity, whenever known, should be used and as much information in the system displayed as possible before authentication gateways are passed. Authentication may then only require the password.
Authentication must be presented in context, so it is clear what system the user is gaining access to, and why the level of security is needed. Entry methods must be designed to encourage ease of access, and prevent miskeying.
Variations
Text/numeric entry, using conventional input methods, whether hardware or virtual
Virtual, changing pad
Pattern
Additional entry methods, such as voice, are not yet established enough to have best practices in the mobile space, and therefore no design patterns exist.
Remember that entry of credentials is not enough to count as a full security methodology. Recovery, reset and out-of-channel notifications are also required, but are systematic approaches outside the scope of this document. For very high security applications, multi-factor authentication, biometrics and token-based security systems (such as RSA SecureID) must also be considered.
Interaction Details
Pop-up or full screen
Text Entry not obscured usually...
Pad entry (on screen keypad, standard or custom - preference is to randomized if you go this way)
Pattern entry (on screen gestural shapes)
Provide links to seek help on entry, get more information on security of the system, and to recovery and/or reset methods.
Presentation Details
Title and describe... not just app, but section or process. If title does not imply why they need to authenticate, add a description
Label fields
If identified, provide additional user information, such as their avatar photo and name. Do not just ask for the password with no supporting information
Antipatterns
Use caution when obscuring fields. Do not assume that the default password method built into the OS is secure. Most still reveal the character being typed, as required in triple-tap text entry modes. If an obscured entry is required due to use as a kiosk, while attached to a projected device or in other shared situations, be sure to specify how obscured it must be.