Towards Information Technology Security for Universal Access

One way to secure Information Technology (IT) systems is with authentication mechanisms that distinguish between users. Users who differ in their cognitive and motor abilities, cultural background and personal characteristics should be able to operate the IT system including its security features. If system design fails to consider user diversity, users might bypass or disable the security feature, reducing system security. Providing universal accessesibility and acceptability is generally a challenge, especially when dealing with IT security. We present a conceptual model that explores and establishes guidelines for the inclusion of biometric authentication in systems which serve a wide range of users. Aspects of this model were examined in laboratory settings using a task which simulates mobile access to an eBanking system with biometric authentication. Younger and older participants used the authentication mechanism. The age groups clearly differed in their interaction with the IT and the security system. Designing security system for universal access remains a major challenge.