From user-centred design to security: building attacker personas for digital banking

Caroline Moeckel

Research output: Chapter in Book/Report/Conference proceedingConference contribution


A 10-step process model to build attacker personas borrowed from user-centred design is proposed and applied to digital banking in this work, with a focus on the procedural approach. A data set of publicly available secondary data sources and grounded theory analysis are used to build a hypothesis (attacker taxonomy) to base the attacker personas on. Benefits of attacker personas, for example raising security awareness, are outlined as well as current drawbacks, like a lack of integration into the wider security management environment. Future research topics such as methodological advancement, stakeholder verification and collaboration are also mentioned.
Original languageEnglish
Title of host publicationNordiCHI '18 Proceedings of the 10th Nordic Conference on Human-Computer Interaction
PublisherAssociation for Computing Machinery (ACM)
Number of pages6
ISBN (Electronic)978-1-4503-6437-9
Publication statusPublished - 29 Sept 2018

Cite this