Describe Psychological Acceptability

Many people and users think that security gets in their way of doing their work or task. Therefore, security should be conscious of the impact of security on those people. This is called psychological acceptability.

With a user, we want to be sure the user will not resist or work against the actual security mechanisms we put in place. We want security to be easy to use and make user understand that there is a tangible benefit they can see.

A biometric authentication, for example, can have several user concerns such as protection of privacy (intrusive), cleanliness (how many people used that reader?) and authentication time (how long it takes to be authenticated).

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is another technology with concerns (with usability, annoyance etc).

Key point: systems need to be build from a user perspective, and yet secure.