Mapping Biometric Security Paradox: A Behavioral Study of Perception and Awareness Among Indonesian Digital Natives

Erik Iman Heri Ujianto; Rianto Rianto

doi:10.62411/jcta.15935

Authors

Erik Iman Heri Ujianto Universitas Teknologi Yogyakarta
Rianto Rianto Universitas Teknologi Yogyakarta

DOI:

https://doi.org/10.62411/jcta.15935

Keywords:

Adaptive Authentication, Behavioral Cybersecurity, Biometric Authentication, Digital Forensics, Digital Natives, Human-Centered Security, Mobile Security, Risk Awareness

Abstract

The rapid adoption of smartphones among Indonesian digital natives has increased reliance on biometric authentication systems. However, empirical evidence regarding the relationship between user satisfaction and security risk awareness remains limited, particularly in developing-country contexts. This study investigates the behavioral dynamics of biometric security perception among 266 respondents, consisting of 221 high school students and 45 university students in Indonesia. A Python-based computational pipeline incorporating Akaike Information Criterion (AIC) validation and 1,000-iteration stochastic bootstrapping was employed to evaluate nonlinear behavioral patterns using Polynomial Regression and Ordinary Least Squares (OLS) multivariate analysis. The results confirm the existence of a nonlinear Security Paradox. While the overall population demonstrates a positive quadratic trajectory, the university student group exhibits a concave-down parabolic relationship (a=−0.0460), indicating a decline in perceived utility beyond a specific security threshold. The identified behavioral breaking point occurs at X≈5.45 (95% CI: 2.99–20.77), suggesting that excessive security hardening may reduce perceived usability and increase cognitive friction. Furthermore, the ablation analysis reveals that security risk awareness (p<0.001) is the strongest predictor of user satisfaction, exceeding the influence of daily usage intensity. Segment-level analysis further demonstrates behavioral divergence between respondent groups. High school students exhibit relatively uniform satisfaction toward biometric systems, whereas university students display greater variability and more critical perceptions regarding authentication friction. These findings indicate that highly rigid security configurations may become less effective for users with higher digital literacy and risk awareness. This study contributes a computationally validated behavioral framework for understanding security–utility trade-offs and provides a conceptual foundation for developing adaptive, user-centric, and friction-aware biometric authentication systems.

References

P. Gupta et al., “Biometric Employee Identification Using Mobile Devices: ICT integration of Attendance Monitoring System (AMS) and Human Resource Information System (HRIS),” in 2023 International Conference on Advances in Computation, Communication and Information Technology (ICAICCIT), Nov. 2023, pp. 1169–1174. doi: 10.1109/ICAICCIT60255.2023.10465719.

M. Akter et al., “CO-oPS: A Mobile App for Community Oversight of Privacy and Security,” in Companion Publication of the 2022 Conference on Computer Supported Cooperative Work and Social Computing, Nov. 2022, pp. 179–183. doi: 10.1145/3500868.3559706.

R. Garcia-Martin and R. Sanchez-Reillo, “Vein Biometric Recognition on a Smartphone,” IEEE Access, vol. 8, pp. 104801–104813, 2020, doi: 10.1109/ACCESS.2020.3000044.

J. Zhang and Y. Wang, “A Survey of Behavioral Biometric Authentication on Smartphones,” in 2023 4th International Conference on Machine Learning and Computer Application, Oct. 2023, pp. 722–729. doi: 10.1145/3650215.3650342.

I. Aphanasyev, A. Bukreev, V. Sitnikov, O. Streltsov, and P. Stupen, “Biometric Venous Verification System for Smartphone,” in 2022 International Conference on Communications, Information, Electronic and Energy Systems (CIEES), Nov. 2022, pp. 1–6. doi: 10.1109/CIEES55704.2022.9990794.

R. Haluška, E. Švenk, M. Pleva, S. Ondás, M.-H. Su, and Y.-F. Liao, “User Recognition in Mobile Applications Using Fingerprint Sensors,” in 2023 21st International Conference on Emerging eLearning Technologies and Applications (ICETA), Oct. 2023, pp. 171–175. doi: 10.1109/ICETA61311.2023.10344050.

R. Salama et al., “Authentication using Biometric Data from Mobile Cloud Computing in Smart Cities,” in 2023 3rd International Conference on Advancement in Electronics & Communication Engineering (AECE), Nov. 2023, pp. 445–448. doi: 10.1109/AECE59614.2023.10428426.

A. Patrick, A. Burris, S. Das, and N. Noah, “Understanding User Perspective in a University Setting to Improve Biometric Authentication Adoption,” in Proceedings of the 9th Mexican International Conference on Human-Computer Interaction, Nov. 2022, pp. 1–10. doi: 10.1145/3565494.3565498.

Y. Yang et al., “Uncovering Security Vulnerabilities in Real-world Implementation and Deployment of 5G Messaging Services,” in Proceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks, May 2024, pp. 265–276. doi: 10.1145/3643833.3656131.

M. Wang, K. He, J. Chen, Z. Li, W. Zhao, and R. Du, “Biometrics-Authenticated Key Exchange for Secure Messaging,” in Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, Nov. 2021, pp. 2618–2631. doi: 10.1145/3460120.3484746.

G. Sandeepkumaryadax and S. Loganayagi, “Authenticating Users In Real World Applications using Multi Modal Biometric System For Smartphone’s Based Hidden Markov Model Compared With K Nearest Neighbor Algorithm,” in 2024 15th International Conference on Computing Communication and Networking Technologies (ICCCNT), Jun. 2024, pp. 1–5. doi: 10.1109/ICCCNT61001.2024.10724975.

S. A. Ali, M. A. Shah, T. A. Javed, S. M. Abdullah, and M. Zafar, “Iris recognition system in smartphones using light version (LV) recognition algorithm,” in 2017 23rd International Conference on Automation and Computing (ICAC), Sep. 2017, pp. 1–6. doi: 10.23919/IConAC.2017.8082011.

R. Y. Patil and S. R. Devane, “Network Forensic Investigation Protocol to Identify True Origin of Cyber Crime,” J. King Saud Univ. - Comput. Inf. Sci., vol. 34, no. 5, pp. 2031–2044, May 2022, doi: 10.1016/j.jksuci.2019.11.016.

R. Iskandar, A. Maksum, and A. Marini, “Digital citizenship literacy in Indonesia: The role of privacy awareness and social campaigns,” Soc. Sci. Humanit. Open, vol. 12, p. 101697, 2025, doi: 10.1016/j.ssaho.2025.101697.

A. C. M. Lim, L. H. X. Ng, and A. Taeihagh, “Biometric data landscape in Southeast Asia: Challenges and opportunities for effective regulation,” Comput. Law Secur. Rev., vol. 56, p. 106095, Apr. 2025, doi: 10.1016/j.clsr.2024.106095.

R. Allafi and A. A. Darem, “Usability and security in online authentication systems,” Int. J. Adv. Appl. Sci., vol. 12, no. 6, pp. 1–12, Jun. 2025, doi: 10.21833/ijaas.2025.06.001.

K. Gaur, P. Kumar, S. Tripathi, A. Tyagi, and K. Sharma, “Behavioural Biometrics: A Gait Recognition Approach,” in 2025 2nd International Conference on Artificial Intelligence, Metaverse, and Cybersecurity (ICAMAC), Oct. 2025, pp. 1–6. doi: 10.1109/ICAMAC67779.2025.11398490.

N. R. Vudathala, “AI-Driven Risk-Adaptive App Architecture: A Dynamic Approach to Authentication and Security in Mobile Applications,” Sarcouncil J. Eng. Comput. Sci., vol. 4, no. 7, 2025, doi: 10.5281/zenodo.16225319.

P. Prerna, S. Indora, and D. K. Atal, “Multi-Modal Biometric System: Technological Applications and Future Trends,” in 2025 3rd International Conference on Self Sustainable Artificial Intelligence Systems (ICSSAS), Jun. 2025, pp. 573–583. doi: 10.1109/ICSSAS66150.2025.11080766.

I. Rjab and L. Sliman, “Survey on Biometric Authentication for Decentralized Identity Management: Trends, Challenges, and Future Directions,” Futur. Internet, vol. 18, no. 3, p. 126, Mar. 2026, doi: 10.3390/fi18030126.

C. Wang, Y. Xiao, X. Gao, L. Li, and J. Wang, “A Framework for Behavioral Biometric Authentication Using Deep Metric Learning on Mobile Devices,” IEEE Trans. Mob. Comput., vol. 22, no. 1, pp. 19–36, Jan. 2023, doi: 10.1109/TMC.2021.3072608.

X. X. Zheng, B. Taha, M. M. U. Rahman, M. Masood, D. Hatzinakos, and T. Al-Naffouri, “Multimodal biometric authentication using camera-based PPG and fingerprint fusion,” Pattern Recognit. Lett., vol. 197, pp. 1–7, Nov. 2025, doi: 10.1016/j.patrec.2025.06.017.

S. Colabianchi, F. Costantino, F. Nonino, and G. Palombi, “Transforming threats into opportunities: The role of human factors in enhancing cybersecurity,” J. Innov. Knowl., vol. 10, no. 3, p. 100695, May 2025, doi: 10.1016/j.jik.2025.100695.

M. S. Hassan, N. H. Mai, N. S. A. Wahab, M. Bin Amin, M. M. Hassan, and J. Oláh, “Decentralized fintech platforms adoption intention in cyber risk environment among GenZ: A dual-method approach using PLS-SEM and necessary condition analysis,” Comput. Hum. Behav. Reports, vol. 18, p. 100687, May 2025, doi: 10.1016/j.chbr.2025.100687.

I. Ajzen, “Perceived Behavioral Control, Self‐Efficacy, Locus of Control, and the Theory of Planned Behavior 1,” J. Appl. Soc. Psychol., vol. 32, no. 4, pp. 665–683, Apr. 2002, doi: 10.1111/j.1559-1816.2002.tb00236.x.

A. Sutton and L. Tompson, “Towards a cybersecurity culture-behaviour framework: A rapid evidence review,” Comput. Secur., vol. 148, p. 104110, Jan. 2025, doi: 10.1016/j.cose.2024.104110.

H. Zwarts, J. Du Toit, and B. Von Solms, “Towards a Cybersecurity Governance Maturity Model for Critical Infrastructures in Developing Countries,” in Lecture Notes in Networks and Systems, 2025, pp. 540–553. doi: 10.1007/978-3-031-92605-1_33.

R. A. Rahimi and G. S. Oh, “Beyond theory: a systematic review of strengths and limitations in technology acceptance models through an entrepreneurial lens,” J. Mark. Anal., vol. 13, no. 4, pp. 1195–1218, Dec. 2025, doi: 10.1057/s41270-024-00318-x.