The Problem
Our society depends on the reliability and resilience of our infrastructure, which in turn depends on security. Unfortunately, our current software infrastructure is not only insecure, it is insecurable. No user interface can make an insecure system secure. We understand how to build systems whose foundations are vastly more secure, but we are likely to need new interaction designs so that people can use these secure systems securely.
The Prize
The Norm Hardy Prize is a $10,000 annual award for work that helps users make wise decisions. The Prize will recognize work that meets at least one of these criteria:
- Helps users understand, preferably tacitly, the security aspects of what they do
- Introduces workflows that make the secure way to do something the easy way
- Develops design principles for systems that are as easy or easier to use because of their security
- Explores ‘theory of mind’ with respect to how users interact with secure systems
The long term goal of the Norm Hardy Prize is a set of design principles and tools that encourage developers to create interaction designs that make it easy for people to use secure systems securely.
Submissions
To be eligible for the $10k prize, please submit work which discusses at least one of these four criteria:
- Actual implementation of a system
- User studies of novel system
- Theory of mind of the user
- Sets of principles for user interaction design
Submissions must include a description of the work and how it contributes to the stated goals of the Prize. They may include links to working prototypes that the judges can evaluate. Wire frames for new affordances will be accepted, but working prototypes are preferred. User studies that only evaluate existing systems are not eligible for the Prize. Work that proposes metrics for usable security must demonstrate that it can differentiate systems based on the ability of users to make good choices. Work on how users build mental models of the systems they use must demonstrate that these models can be translated into guidance for developers.
For questions about the prize, please reach out to: [email protected]
In what kind of architecture can the deputy use each permission only for the purpose it was given, without being led to use them for other purposes?
Winner
Dr. Pardis Emami-Naeini is awarded the 2025 Norm Hardy Prize for her research addressing the lack of consumer understanding regarding data management in smart home devices. Her research has led to the development of a layered, easy-to-read cybersecurity label that highlights key protections such as security updates, authentication, and data-handling practices. This work has directly influenced the U.S. Cyber Trust Mark labeling initiative for connected devices.
Previous Winners
2024
- Dr. Alisa Frik
- Dr. Serge Egelman
- Conor Gilsenan
- Prof. Eyal Peer
2023
- Covid Watch