{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,13]],"date-time":"2026-07-13T18:04:22Z","timestamp":1783965862605,"version":"3.55.0"},"reference-count":62,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,11,1]],"date-time":"2026-11-01T00:00:00Z","timestamp":1793491200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,11,1]],"date-time":"2026-11-01T00:00:00Z","timestamp":1793491200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,11,1]],"date-time":"2026-11-01T00:00:00Z","timestamp":1793491200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-017"},{"start":{"date-parts":[[2026,11,1]],"date-time":"2026-11-01T00:00:00Z","timestamp":1793491200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"},{"start":{"date-parts":[[2026,11,1]],"date-time":"2026-11-01T00:00:00Z","timestamp":1793491200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-012"},{"start":{"date-parts":[[2026,11,1]],"date-time":"2026-11-01T00:00:00Z","timestamp":1793491200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2026,11,1]],"date-time":"2026-11-01T00:00:00Z","timestamp":1793491200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-004"}],"funder":[{"DOI":"10.13039\/501100023674","name":"Deanship of Scientific Research, King Khalid University","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100023674","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100020912","name":"King Faisal University","doi-asserted-by":"publisher","award":["KFU254722"],"award-info":[{"award-number":["KFU254722"]}],"id":[{"id":"10.13039\/501100020912","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Computers &amp; Security"],"published-print":{"date-parts":[[2026,11]]},"DOI":"10.1016\/j.cose.2026.105021","type":"journal-article","created":{"date-parts":[[2026,6,23]],"date-time":"2026-06-23T15:43:09Z","timestamp":1782229389000},"page":"105021","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["Toward a resilient cybersecurity environment: The Heuristics Framework for Authenticating Mobile Applications (HFAMA)"],"prefix":"10.1016","volume":"170","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0596-5018","authenticated-orcid":false,"given":"Abdulmohsen Saud","family":"Albesher","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9176-9453","authenticated-orcid":false,"given":"Ahmed","family":"Aljughaiman","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"78","reference":[{"key":"10.1016\/j.cose.2026.105021_b1","series-title":"Extended Abstracts of the 2021 CHI Conference on Human Factors in Computing Systems","article-title":"Think harder! investigating the effect of password strength on cognitive load during password creation","author":"Abdrabou","year":"2021"},{"key":"10.1016\/j.cose.2026.105021_b2","series-title":"Proceedings of the South African Institute of Computer Scientists and Information Technologists","article-title":"Development of heuristics for usability evaluation of m-commerce applications","author":"Ajibola","year":"2017"},{"key":"10.1016\/j.cose.2026.105021_b3","series-title":"Security analysis of mobile banking application in Qatar","author":"Al-Delayel","year":"2023"},{"key":"10.1016\/j.cose.2026.105021_b4","doi-asserted-by":"crossref","first-page":"137293","DOI":"10.1109\/ACCESS.2020.3011259","article-title":"Comprehensive review of cybercrime detection techniques","volume":"8","author":"Al-Khater","year":"2020","journal-title":"IEEE Access"},{"key":"10.1016\/j.cose.2026.105021_b5","article-title":"User-centric adaptive password policies to combat password fatigue","author":"Al-Slais","year":"2022","journal-title":"Int. Arab. J. Inf. Technol."},{"issue":"5","key":"10.1016\/j.cose.2026.105021_b6","doi-asserted-by":"crossref","first-page":"519","DOI":"10.1007\/s00607-017-0546-9","article-title":"A model for evaluating the security and usability of e-banking platforms","volume":"99","author":"Alarifi","year":"2017","journal-title":"Computing"},{"issue":"14","key":"10.1016\/j.cose.2026.105021_b7","doi-asserted-by":"crossref","DOI":"10.3390\/su151411043","article-title":"Reviewing the usability of web authentication procedures: Comparing the current procedures of 20 websites","volume":"15","author":"Albesher","year":"2023","journal-title":"Sustainability"},{"issue":"8","key":"10.1016\/j.cose.2026.105021_b8","article-title":"Evaluating and comparing the usability of privacy in WhatsApp, Twitter, and snapchat","volume":"12","author":"Albesher","year":"2021","journal-title":"Int. J. Adv. Comput. Sci. Appl. (IJACSA)"},{"issue":"12","key":"10.1016\/j.cose.2026.105021_b9","doi-asserted-by":"crossref","DOI":"10.1371\/journal.pone.0315201","article-title":"Toward secure mobile applications through proper authentication mechanisms","volume":"19","author":"Albesher","year":"2024","journal-title":"PLoS One"},{"issue":"11","key":"10.1016\/j.cose.2026.105021_b10","doi-asserted-by":"crossref","DOI":"10.3390\/healthcare9111574","article-title":"Usability of telemedicine mobile applications during COVID-19 in Saudi Arabia: A heuristic evaluation of patient user interfaces","volume":"9","author":"Aldekhyyel","year":"2021","journal-title":"Healthcare"},{"key":"10.1016\/j.cose.2026.105021_b11","series-title":"Advances in the usability of banking system interfaces in Saudi Arabia","first-page":"119","author":"Aldowaihi","year":"2024"},{"issue":"10","key":"10.1016\/j.cose.2026.105021_b12","doi-asserted-by":"crossref","first-page":"678","DOI":"10.1080\/10447318.2011.654202","article-title":"A usable security heuristic evaluation for the online health social networking paradigm","volume":"28","author":"Alexandros Yeratziotis","year":"2012","journal-title":"Int. J. Human\u2013Computer Interact."},{"issue":"2","key":"10.1016\/j.cose.2026.105021_b13","doi-asserted-by":"crossref","DOI":"10.3390\/su15021231","article-title":"An empirical analysis of E-governments\u2019 cookie interfaces in 50 countries","volume":"15","author":"Alharbi","year":"2023","journal-title":"Sustainability"},{"issue":"12","key":"10.1016\/j.cose.2026.105021_b14","doi-asserted-by":"crossref","DOI":"10.3390\/info13120559","article-title":"Evaluating and comparing the usability of mobile banking applications in Saudi Arabia","volume":"13","author":"Alhejji","year":"2022","journal-title":"Information"},{"key":"10.1016\/j.cose.2026.105021_b15","doi-asserted-by":"crossref","DOI":"10.1016\/j.compeleceng.2024.109485","article-title":"Comprehensive survey: Biometric user authentication application, evaluation, and discussion","volume":"119","author":"Alrawili","year":"2024","journal-title":"Comput. Electr. Eng."},{"key":"10.1016\/j.cose.2026.105021_b16","series-title":"Development of usable security heuristics for fintech","author":"Ambore","year":"2021"},{"key":"10.1016\/j.cose.2026.105021_b17","series-title":"2017 International Conference on Research and Innovation in Information Systems","first-page":"1","article-title":"Exploring the usability, security and privacy taxonomy for mobile health applications","author":"Asaddok","year":"2017"},{"key":"10.1016\/j.cose.2026.105021_b18","series-title":"Study on Heuristic Usability Evaluation for Mobile Applications","author":"Avil\u00e9s Monroy","year":"2015"},{"key":"10.1016\/j.cose.2026.105021_b19","series-title":"Design, User Experience, and Usability: Theory and Practice","first-page":"327","article-title":"A proposal of usability heuristics oriented to E-banking websites","author":"Ba\u00f1os D\u00edaz","year":"2018"},{"key":"10.1016\/j.cose.2026.105021_b20","series-title":"Proceedings of the Working Conference on Advanced Visual Interfaces","first-page":"119","article-title":"Appropriating and assessing heuristics for mobile computing","author":"Bertini","year":"2006"},{"key":"10.1016\/j.cose.2026.105021_b21","series-title":"Advances in Design and Digital Communication III","first-page":"161","article-title":"Evaluating usability of mobile financial applications used in Bangladesh","author":"Bhowmik","year":"2023"},{"key":"10.1016\/j.cose.2026.105021_b22","series-title":"Design, User Experience, and Usability. Practice and Case Studies","first-page":"3","article-title":"Development and validation of usability heuristics for evaluation of interfaces in ATMs","author":"Chanco","year":"2019"},{"key":"10.1016\/j.cose.2026.105021_b23","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1016\/j.cosrev.2019.03.002","article-title":"Usability, security and trust in password managers: A quest for user-centric properties and features","volume":"33","author":"Chaudhary","year":"2019","journal-title":"Comput. Sci. Rev."},{"key":"10.1016\/j.cose.2026.105021_b24","series-title":"Design, User Experience, and Usability: UX Research and Design","first-page":"225","article-title":"Developing and validating a set of usability and security metrics for ATM interfaces","author":"Falconi","year":"2021"},{"key":"10.1016\/j.cose.2026.105021_b25","series-title":"Proceedings of Mensch Und Computer 2019","first-page":"275","article-title":"Heuristics and models for evaluating the usability of security measures","author":"Feth","year":"2019"},{"key":"10.1016\/j.cose.2026.105021_b26","series-title":"Design, User Experience, and Usability: Design Thinking and Methods","first-page":"412","article-title":"Usability heuristics for web banking","author":"Fierro","year":"2016"},{"key":"10.1016\/j.cose.2026.105021_b27","article-title":"Heuristics used for evaluating the usability of mobile health applications: A systematic literature review","volume":"10","author":"Galavi","year":"2024","journal-title":"Digit. Health"},{"key":"10.1016\/j.cose.2026.105021_b28","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1155\/2014\/434326","article-title":"Heuristic evaluation on mobile interfaces: A new checklist","volume":"2014","author":"Y\u00e1\u00f1ez G\u00f3mez","year":"2014","journal-title":"Sci. World J."},{"key":"10.1016\/j.cose.2026.105021_b29","doi-asserted-by":"crossref","first-page":"277","DOI":"10.1016\/j.chb.2016.04.001","article-title":"Usability guideline for banking software design","volume":"62","author":"Gumussoy","year":"2016","journal-title":"Comput. Hum. Behav."},{"issue":"1","key":"10.1016\/j.cose.2026.105021_b30","doi-asserted-by":"crossref","first-page":"107","DOI":"10.1016\/j.jer.2023.09.014","article-title":"Adjusting counting-based secret-sharing via personalized passwords and email-authentic reliability","volume":"12","author":"Gutub","year":"2024","journal-title":"J. Eng. Res."},{"key":"10.1016\/j.cose.2026.105021_b31","series-title":"Design, User Experience, and Usability. Practice and Case Studies","first-page":"143","article-title":"Developing usability heuristics for recommendation systems within the mobile context","author":"Huang","year":"2019"},{"key":"10.1016\/j.cose.2026.105021_b32","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1016\/j.csi.2015.08.007","article-title":"Developing SMASH: A set of SMArtphone\u2019s usability heuristics","volume":"43","author":"Inostroza","year":"2016","journal-title":"Comput. Stand. Interfaces"},{"issue":"2","key":"10.1016\/j.cose.2026.105021_b33","doi-asserted-by":"crossref","DOI":"10.1002\/spy2.199","article-title":"Investigating the role of usable security in developers\u2019 intention toward security enhancement in service-oriented applications","volume":"5","author":"Jalali","year":"2022","journal-title":"Security Privacy"},{"issue":"1","key":"10.1016\/j.cose.2026.105021_b34","article-title":"Exploring customer awareness towards their cyber security in the Kingdom of Saudi Arabia: A study in the era of banking digital transformation","volume":"2023","author":"Johri","year":"2023","journal-title":"Hum. Behav. Emerg. Technol."},{"key":"10.1016\/j.cose.2026.105021_b35","series-title":"Adaptation of heuristic evaluation for mobile applications and the impact of context of use","author":"Joyce","year":"2021"},{"key":"10.1016\/j.cose.2026.105021_b36","series-title":"Advances in Human Factors, Software, and Systems Engineering","first-page":"77","article-title":"Mobile application usability: Heuristic evaluation and evaluation of heuristics","author":"Joyce","year":"2016"},{"key":"10.1016\/j.cose.2026.105021_b37","article-title":"Engineering graphical captcha and AES crypto hash functions for secure online authentication","author":"Kheshaifaty","year":"2021","journal-title":"J. Eng. Res."},{"issue":"4","key":"10.1016\/j.cose.2026.105021_b38","doi-asserted-by":"crossref","first-page":"3189","DOI":"10.1007\/s10639-020-10112-8","article-title":"A framework for heuristic evaluation of mobile learning applications","volume":"25","author":"Kumar","year":"2020","journal-title":"Educ. Inf. Technol."},{"issue":"4","key":"10.1016\/j.cose.2026.105021_b39","doi-asserted-by":"crossref","first-page":"647","DOI":"10.1108\/ICS-10-2020-0167","article-title":"Exploring the meaning of usable security \u2013 a literature review","volume":"29","author":"Lennartsson","year":"2021","journal-title":"Inf. Comput. Secur."},{"issue":"4","key":"10.1016\/j.cose.2026.105021_b40","doi-asserted-by":"crossref","first-page":"366","DOI":"10.30630\/joiv.5.4.740","article-title":"Bridging usability and accessibility of user authentication using usable accessed (UAce) for online payment applications","volume":"5","author":"Mohamed","year":"2021","journal-title":"JOIV : Int. J. Informatics Vis."},{"key":"10.1016\/j.cose.2026.105021_b41","series-title":"Evaluation of Novel Approaches To Software Engineering","first-page":"180","article-title":"Improving mobile banking usability based on sentiments","author":"Mohan","year":"2016"},{"key":"10.1016\/j.cose.2026.105021_b42","series-title":"Towards a Framework to Promote the Development of Secure and Usable Online Information Security Applications","author":"Mujinga","year":"2018"},{"issue":"1","key":"10.1016\/j.cose.2026.105021_b43","article-title":"Towards a framework for online information security applications development: A socio-technical approach","volume":"31","author":"Mujinga","year":"2019","journal-title":"S. Afr. Comput. J."},{"key":"10.1016\/j.cose.2026.105021_b44","article-title":"Towards a heuristic model for usable and secure online banking","author":"Mujinga","year":"2013","journal-title":"ACIS 2013 Proc."},{"key":"10.1016\/j.cose.2026.105021_b45","doi-asserted-by":"crossref","unstructured":"Nayebi, F., Desharnais, J.-M., Abran, A., 2013. An Expert-Based Framework for Evaluating iOS Application Usability. In: 2013 Joint Conference of the 23rd International Workshop on Software Measurement and the 8th International Conference on Software Process and Product Measurement. pp. 147\u2013155.","DOI":"10.1109\/IWSM-Mensura.2013.30"},{"issue":"1","key":"10.1016\/j.cose.2026.105021_b46","doi-asserted-by":"crossref","DOI":"10.3390\/cryptography2010001","article-title":"Multi-factor authentication: A survey","volume":"2","author":"Ometov","year":"2018","journal-title":"Cryptography"},{"key":"10.1016\/j.cose.2026.105021_b47","series-title":"Comparative study of mobile payment apps: Google pay and PayPal using nielsen\u2019s usability heuristics","author":"Pachabotla","year":"2022"},{"key":"10.1016\/j.cose.2026.105021_b48","doi-asserted-by":"crossref","first-page":"116145","DOI":"10.1109\/ACCESS.2019.2910778","article-title":"Set of usability heuristics for quality assessment of mobile applications on smartphones","volume":"7","author":"Parente Da Costa","year":"2019","journal-title":"IEEE Access"},{"key":"10.1016\/j.cose.2026.105021_b49","article-title":"Evaluating personal data control in mobile applications using heuristics","author":"Pena","year":"2021","journal-title":"Work. Usable Secur. Priv. (USEC) 2021"},{"issue":"10","key":"10.1016\/j.cose.2026.105021_b50","article-title":"Developing a robust evaluation framework to evaluate security for online banking services","volume":"2","author":"Qasem","year":"2014","journal-title":"Int. J. Adv. Res. Comput. Sci. Manag. Stud."},{"key":"10.1016\/j.cose.2026.105021_b51","doi-asserted-by":"crossref","first-page":"89","DOI":"10.1016\/j.csi.2017.03.009","article-title":"How to develop usability heuristics: A systematic literature review","volume":"53","author":"Qui\u00f1ones","year":"2017","journal-title":"Comput. Stand. Interfaces"},{"key":"10.1016\/j.cose.2026.105021_b52","series-title":"Proceedings of the XVII International Conference on Human Computer Interaction","article-title":"A set of heuristics for usable security and user authentication","author":"Realpe","year":"2016"},{"key":"10.1016\/j.cose.2026.105021_b53","series-title":"Interaction Design: Beyond Human-Computer Interaction, 6th Edition | Wiley","author":"Rogers","year":"2023"},{"key":"10.1016\/j.cose.2026.105021_b54","series-title":"Six Privacy and Usability heuristics: from Grounded Models to Validated New Heuristics of Usable Privacy","author":"Salgado","year":"2022"},{"issue":"1","key":"10.1016\/j.cose.2026.105021_b55","doi-asserted-by":"crossref","DOI":"10.1145\/3624981","article-title":"Post-growth human\u2013computer interaction","volume":"31","author":"Sharma","year":"2023","journal-title":"ACM Trans. Comput.-Hum. Interact."},{"issue":"4","key":"10.1016\/j.cose.2026.105021_b56","doi-asserted-by":"crossref","first-page":"437","DOI":"10.1108\/ICS-04-2016-0034","article-title":"Human-centered authentication guidelines","volume":"25","author":"Still","year":"2017","journal-title":"Inf. Comput. Secur."},{"issue":"3","key":"10.1016\/j.cose.2026.105021_b57","doi-asserted-by":"crossref","DOI":"10.1145\/3183341","article-title":"The password life cycle","volume":"21","author":"Stobert","year":"2018","journal-title":"ACM Trans. Priv. Secur."},{"key":"10.1016\/j.cose.2026.105021_b58","article-title":"A review of multi-factor authentication in the internet of healthcare things","volume":"9","author":"Suleski","year":"2023","journal-title":"Digit. Health"},{"key":"10.1016\/j.cose.2026.105021_b59","unstructured":"Thitichaimongkhol, K., Senivongse, T., 2016. Enhancing Usability Heuristics for Android Applications on Mobile Devices. In: Proceedings of the World Congress on Engineering and Computer Science 2016 Vol I. San Francisco, USA, ISBN: 978-988-14047-1-8."},{"key":"10.1016\/j.cose.2026.105021_b60","doi-asserted-by":"crossref","first-page":"55563","DOI":"10.1109\/ACCESS.2020.2981892","article-title":"Usability of mobile applications: A systematic literature study","volume":"8","author":"Weichbroth","year":"2020","journal-title":"IEEE Access"},{"key":"10.1016\/j.cose.2026.105021_b61","series-title":"Information Technology Security: Modern Trends and Challenges","first-page":"69","article-title":"Exploring the landscape of password managers for individual users through innovative solution","author":"Zaidi","year":"2024"},{"key":"10.1016\/j.cose.2026.105021_b62","doi-asserted-by":"crossref","first-page":"26","DOI":"10.1016\/j.ijhcs.2019.08.006","article-title":"The password is dead, long live the password \u2013 A laboratory study on user perceptions of authentication schemes","volume":"133","author":"Zimmermann","year":"2020","journal-title":"Int. J. Hum.-Comput. Stud."}],"container-title":["Computers &amp; Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404826001975?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404826001975?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,7,13]],"date-time":"2026-07-13T17:12:30Z","timestamp":1783962750000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0167404826001975"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,11]]},"references-count":62,"alternative-id":["S0167404826001975"],"URL":"https:\/\/doi.org\/10.1016\/j.cose.2026.105021","relation":{},"ISSN":["0167-4048"],"issn-type":[{"value":"0167-4048","type":"print"}],"subject":[],"published":{"date-parts":[[2026,11]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Toward a resilient cybersecurity environment: The Heuristics Framework for Authenticating Mobile Applications (HFAMA)","name":"articletitle","label":"Article Title"},{"value":"Computers & Security","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.cose.2026.105021","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 Elsevier Ltd. All rights are reserved, including those for text and data mining, AI training, and similar technologies.","name":"copyright","label":"Copyright"}],"article-number":"105021"}}