Glossary

Terms used in accessibility research and practice. Each entry has a definition, common aliases, and category tags.

Search results

Accessible Authentication (also: WCAG 3.3.7, Accessible Authentication (Minimum))
A web accessibility requirement introduced in WCAG 2.2 (Success Criterion 3.3.7) that mandates for each step in an authentication process relying on a cognitive function test — such as remembering a password, solving a puzzle, or transcribing distorted text — at least one…
Audio CAPTCHA (also: Audio HIP, Audio Human Interaction Proof)
An auditory alternative to visual CAPTCHAs, typically presenting distorted spoken letters, numbers, or words that users must transcribe. While intended as an accessible alternative for blind users, research shows audio CAPTCHAs have success rates of only 43-50% for screen reader…
Aural Eavesdropping (also: Audio Eavesdropping, Auditory Shoulder Surfing)
A security attack in which an unauthorized person overhears sensitive information such as passwords, PINs, or personal data being spoken aloud. This is a particular concern for people who are blind or have low vision because screen readers announce all on-screen content audibly,…
Authentication (also: User Authentication, Login)
The process of verifying a user's identity before granting access to a system, service, or protected content. Common authentication methods include passwords, PINs, biometrics, and security tokens. Authentication presents significant accessibility barriers: people with cognitive…
Biometric Authentication (also: Biometrics, Biometric Identification)
A security method that verifies a person's identity using unique biological characteristics such as fingerprints, facial features, iris patterns, or voice. For people with vision impairments, biometric authentication — particularly fingerprint recognition — is widely preferred…
Biometric Authentication (also: Biometrics, Biometric Security, Behavioral Biometrics)
Security technology that uses unique biological or behavioral characteristics to verify identity, including fingerprints, facial recognition, iris scans, voice patterns, and handwritten signatures. Accessibility considerations are critical because many biometric systems assume…
Biometric System (also: Biometric Technology, Biometric Identification)
A technology system that uses innate human physical or behavioral characteristics — such as facial features, fingerprints, voice patterns, gait, or iris patterns — to identify or verify a person's identity. Biometric systems pose particular risks for people with disabilities…
Coercion Resistance (also: Receipt-Freeness, Anti-Coercion)
Coercion resistance is a security property of voting systems that prevents a coercer from verifying how a voter cast their ballot, even if the voter cooperates with the coercer. A related but weaker property, receipt-freeness, means the voter cannot produce proof of their vote…
Content Security Policy (also: CSP)
An HTTP response header that allows web developers to restrict which sources of content (scripts, styles, images, frames, etc.) a browser will load for a given page, mitigating cross-site scripting and data injection attacks. CSP interacts with browser extensions because strict…
Deepfake (also: Synthetic Media, AI-Generated Media)
AI-generated or AI-manipulated media (images, video, audio, or text) designed to convincingly depict events, people, or statements that never occurred. Deepfakes pose specific risks for people with disabilities: AI-generated fake images of disabled people have been used for…
End-to-End Verifiability (also: E2E Verifiability, E2EV)
End-to-end verifiability (E2EV) is a property of voting systems that allows voters to independently verify that their ballot was cast as intended, recorded as cast, and counted as recorded — without relying on trust in any single authority or system component. It is composed of…
End-to-End Verifiable Voting (also: E2E-V, End-to-End Verifiable Election System)
A class of voting systems designed so that each voter can independently verify their vote was cast as intended, recorded as cast, and counted as recorded, while preserving ballot secrecy. Examples include Helios, Belenios, Scantegrity, Pret-a-Voter, and newer wallet-based…
Equal Error Rate (also: EER, Crossover Error Rate)
A metric used to evaluate biometric system performance, representing the point at which the false acceptance rate (wrongly accepting unauthorized users) equals the false rejection rate (wrongly rejecting authorized users). Lower EER values indicate better system accuracy. In…
Graphical Authentication (also: Graphical Password, Picture Password)
An authentication method that uses images, patterns, or visual elements instead of text-based passwords. Graphical authentication leverages human visual memory, which is generally stronger than verbal memory for recognition tasks. Types include recognition-based systems…
Graphical Password (also: Picture Password, Visual Password)
An authentication method that uses images instead of text, requiring users to either recognize previously selected images (recognition-based) or recall specific points on an image (recall-based). Graphical passwords were designed to leverage visual memory, which is often…
Human Interaction Proof (also: HIP, Human Interactive Proof)
A challenge-response test designed to distinguish human users from automated software (bots). Human Interaction Proofs are the technical term for CAPTCHAs and similar verification systems. While effective against automated attacks, HIPs present significant accessibility…
Jailbreak (also: LLM Jailbreak, AI Jailbreak)
In the context of generative AI, a class of adversarial input designed to bypass a model's safety rules, instruction-following constraints, or content policy — for example, instructions that tell the model to "ignore previous rules" or role-play as an unrestricted assistant.…
Multi-Factor Authentication (also: MFA, 2FA, Two-Factor Authentication)
An authentication pattern that requires two or more verification factors — something you know (password), have (phone, token), or are (biometric) — to confirm a user's identity. MFA substantially reduces account compromise from stolen passwords. Accessibility considerations…
Privacy Enhancing Technology (also: PET, PETs)
A category of tools, protocols, and practices designed to protect user privacy while using digital systems, including anonymising proxies, tracker blockers, end-to-end encryption, differential privacy, and private browsing modes. PETs increasingly intersect with accessibility…
Privacy Threat Model (also: Privacy Threat Analysis, Privacy Risk Assessment)
A systematic process for identifying, classifying, and evaluating potential privacy risks that a technology system may pose to its users. Privacy threat modeling extends security-focused frameworks (like Microsoft's STRIDE) to address privacy-specific concerns. The LINDDUN…
Prompt Injection (also: Indirect Prompt Injection, Prompt Engineering Attack)
A technique — originally an LLM security concern — in which carefully crafted instructions embedded in a user prompt or referenced content override the model's intended behaviour, constraints, or safety rules. In accessibility research and practice, the term is increasingly used…
Pseudonymization (also: Pseudonymisation, De-identification)
A privacy technique in which personally identifying fields are replaced with artificial identifiers — typically hashes, tokens, or randomly assigned IDs — so that the data can no longer be attributed to a specific person without additional information kept separately. Recognised…
Recognition-Based Authentication (also: Cognometric Authentication)
A type of graphical authentication where users authenticate by recognizing and selecting previously registered images from a set that includes decoy images. Unlike recall-based systems that require users to remember and reproduce a pattern, recognition-based systems leverage the…
Red Teaming (also: Generative Red-Teaming, AI Red Teaming)
A structured evaluation practice in which an adversarial team probes a system — traditionally a network or application, increasingly an AI model or conversational agent — with realistic attack scenarios to find failures before malicious actors do. Generative red-teaming…
Role-Based Access Control (also: RBAC)
An authorisation model in which system permissions are attached to roles (e.g., user, administrator, clinician, caregiver) and users are granted one or more roles rather than permissions directly. Widely used in healthcare, enterprise software, and increasingly in…
Screen Curtain (also: Display Curtain)
Screen Curtain is an accessibility feature available on iOS and some other platforms that turns off the device's display while keeping the device fully functional and responsive to touch input and screen reader output. Originally designed to save battery power for blind users…
Shoulder Surfing
A form of visual eavesdropping where an attacker observes a person entering sensitive information such as passwords, PINs, or personal data by looking over their shoulder or from a nearby vantage point. Shoulder surfing is a particularly significant security concern for people…
Threat Modeling (also: Security Threat Modeling, STRIDE)
A structured engineering practice for identifying, categorising, and mitigating security and privacy threats in a system before they are exploited. The widely used STRIDE framework (Microsoft) covers six classes — Spoofing, Tampering, Repudiation, Information disclosure, Denial…
Turing Test (also: Imitation Game)
The Turing Test, proposed by Alan Turing in 1950, is a thought experiment for assessing whether a machine's conversational behaviour is indistinguishable from that of a human. A human evaluator engages in a text-based exchange with both a human and a machine and must decide…
Universal Verifiability (also: Public Verifiability)
Universal verifiability is a security property of election systems that enables any third party — not just registered voters — to independently audit and confirm that the published election outcome correctly reflects all legitimately cast ballots. It complements individual…

30 results.