This paper proposes a scheme called Dynamic Security Skins to combat phishing.
Rachna calls phishing the “ultimate SOUPS problem” because phishers and security designers battle in the user interface, because attacks are rapidly evolving, and because it’s a real-world problem. Phishers rapidly iterate on HCI designs, exactly as we are taught to do in HCI, to discover the best ways to exploit human limitations.
The technique here is a proposed solution to phishing that involves changes on both the browser and server. There are two parts:
- The user chooses a personal image to be used as the background for login forms.
- The user compares a pattern in the login form to a pattern displayed in the page border to verify that the connection is encrypted.