Alphacodes: Usable, Secure Transactions with Untrusted Providers using Human Computable PuzzlesAshlesh Sharma, Varun Chandrasekaran, Fareeha Amjad, Dennis Shasha, Lakshminarayanan Subramanian
Many banking and commerce payment systems in developing regions require users to share private or sensitive information in clear-text with untrusted providers exposing them to different forms of MitM attacks. In this paper, we introduce Alphacodes, a new paradigm that enables users to secure transactions with untrusted parties using the notion of human-computable visual puzzles. We describe how Alphacodes can be applied in different use cases and also show two simple applications that we have built using the Alphacodes framework. We motivate our solution using security vulnerabilities in existing systems, and show how our protocol overcomes them. We also demonstrate the ease of use of Alphacodes with minimal training using two simple crowdsourcing studies. Using another simple real world user study involving 10 users who speak Kannada (a regional Indian language), we show that the Alphacodes concept can be easily extended to other languages beyond English.