VeriSMS: A Message Verification System for Inclusive Patient Outreach against Phishing Atacks

Chenkai Wang, Zhuofan Jia, Hadjer Benkraouda, Cody Zevnik, Nicholas Heuermann, Roopa Foulger, Jonathan A. Handler, Gang Wang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Patient outreach enables timely communication between patients and healthcare providers but is vulnerable to phishing/spoofing attacks. In this paper, we work with a U.S.-based healthcare provider to design an inclusive method to address this threat. We present VeriSMS which allows patients to call a voice agent to verify whether the received (sensitive) messages are indeed sent by their healthcare provider. We design the system to be inclusive: it is accessible to patients who only have access to SMS and phone call capabilities. We perform a two-part user study to refine the system design (N=15) and confirm users can correctly understand the system and use it to identify spoofed/phishing messages (N=35). A key insight from our study is to not exclusively optimize for strong security but to tailor the designs based on user habits. Our result confirms the effectiveness and usability of VeriSMS and its ability to significantly increase adversaries' costs.

Original languageEnglish (US)
Title of host publicationCHI 2024 - Proceedings of the 2024 CHI Conference on Human Factors in Computing Sytems
PublisherAssociation for Computing Machinery
ISBN (Electronic)9798400703300
DOIs
StatePublished - May 11 2024
Event2024 CHI Conference on Human Factors in Computing Sytems, CHI 2024 - Hybrid, Honolulu, United States
Duration: May 11 2024May 16 2024

Publication series

NameConference on Human Factors in Computing Systems - Proceedings

Conference

Conference2024 CHI Conference on Human Factors in Computing Sytems, CHI 2024
Country/TerritoryUnited States
CityHybrid, Honolulu
Period5/11/245/16/24

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Graphics and Computer-Aided Design

Fingerprint

Dive into the research topics of 'VeriSMS: A Message Verification System for Inclusive Patient Outreach against Phishing Atacks'. Together they form a unique fingerprint.

Cite this