Users’ acceptance study of OAuth manager module for social login in mobile environment

Social login is a way that allows social network users to use their credential to log in to other applications. Currently, many developers make use of Open Authorization (OAuth) protocol to implement social login (SL). The design of OAuth protocol works well on workstations and desktops as they unif...

Full description

Saved in:
Bibliographic Details
Main Authors: Lee, Kah Ho, Katuk, Norliza
Format: Article
Language:English
Published: Universiti Teknikal Malaysia Melaka 2018
Subjects:
Online Access:http://repo.uum.edu.my/25680/1/JTEC%2010%202-4%202018%2041%2045.pdf
http://repo.uum.edu.my/25680/
http://journal.utem.edu.my/index.php/jtec/article/view/4314
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Universiti Utara Malaysia
Language: English
Description
Summary:Social login is a way that allows social network users to use their credential to log in to other applications. Currently, many developers make use of Open Authorization (OAuth) protocol to implement social login (SL). The design of OAuth protocol works well on workstations and desktops as they uniformly use web browsers to access web applications. However, it is exposed to security issues when it is moved to the mobile environment. Although native mobile applications are installed on the mobile devices, this protocol will call system browsers to complete the task; hence, exposing users to token redirection attacks. In overcoming the issue, this study attempts to evaluate a method called OAuth Manager Module (OMM) that aims to improve the security of this protocol in a mobile environment. It provides client isolation to prevent malicious actions during the social login process. A controlled experiment was conducted to evaluate user acceptance towards OMM. A within-subject design was conducted on thirty participants who participated in this study on a voluntary basis. The results show that users perceived OMM useful and easy-to-use compared to social login with system browser. However, in overall, users are still worried about the security of using social logins on mobile devices. This study can further serve as a foundation for various research on the security aspect of social login.