A Human-Centered Risk Evaluation of Biometric Systems Using Conjoint Analysis
Abstract
Biometric recognition systems, known for their convenience, are widely adopted across various fields. However, their security faces risks depending on the authentication algorithm and deployment environment. Current risk assessment methods faces significant challenges in incorporating the crucial factor of attacker’s motivation, leading to incomplete evaluations. This paper presents a novel human-centered risk evaluation framework using conjoint analysis to quantify the impact of risk factors, such as surveillance cameras, on attacker’s motivation. Our framework calculates risk values incorporating the False Acceptance Rate (FAR) and attack probability, allowing comprehensive comparisons across use cases. A survey of 600 Japanese participants demonstrates our method’s effectiveness, showing how security measures influence attacker’s motivation. This approach helps decision-makers customize biometric systems to enhance security while maintaining usability.