The 2023 European Symposium on Usable Security

Dates and Location: October 16 & 17, 2023 Copenhagen, Denmark

The European Symposium on Usable Security (EuroUSEC) serves as a European forum for research and discussion in the area of human factors in security and privacy. EuroUSEC solicits previously unpublished work offering novel research contributions or clearly articulated research visions in any aspect of human-centered security and privacy. The aim of EuroUSEC is to bring together an interdisciplinary group of researchers and practitioners in human-computer interaction, security, and privacy. Participants are researchers, practitioners, and students from domains including computer science, engineering, psychology, the social sciences, and economics.

EuroUSEC is an independent event in Copenhagen without any affiliation to any conference. We strive to keep registration costs to a minimum.

The International Conference Proceedings Series (ICPS) of ACM has accepted our application, and similar to last year, the EuroUsec proceedings will be published by ACM this year as well.

We will require one author of each accepted paper to present the paper in person. In certain circumstances, people who cannot travel may present their papers virtually. Under the same restrictions, we will ask keynote speakers to come and present in person.

We want EuroUSEC to be a community-driven event and would love to hear any questions, comments, or concerns you might have regarding these changes from last year. Therefore we want to encourage everyone to join the EuroUSEC Slack. Alternatively, you can email the program chairs with any questions or concerns..

EuroUSEC is part of the USEC family of events. You can find more info about all USEC events at:

Keynote Speakers

Jetzabel M. Serna-Olvera

Talk Title: TBA

Biography: Dr. Jetzabel M. Serna-Olvera is the CEO and Co-founder of SAPAR GmbH, with over 18 years of experience in the global cybersecurity sector. She holds a Bachelor's degree in Computer Systems Engineering, a Master's degree in Computer Science and Communications Engineering, and a PhD in cybersecurity. Throughout her career, she has worked in various roles including software engineer (Tijuana City Council), security researcher (esCERT-UPC and LaCaixa Bank), and cybersecurity strategist (Continental, Rober Bosch GmbH, and Geely). She has contributed as an assistant professor at the Goethe University of Frankfurt and an external lecturer at the RheinMain University of Applied Sciences. Dr. Serna-Olvera has contributed to national and international research projects and her work focuses on Vulnerability Management, Incident Response, Threat Intelligence, and nurturing a culture of cybersecurity. She is passionate about fostering information sharing, addressing privacy issues, and integrating cybersecurity into core business operations.

Albin Zuccato

Talk Title: TBA

Biography: Albin is currently Chief Information Security Officer at ICA Gruppen AB. In this role, he maintains and develops Information Security, Cyber Security, and IT privacy. He holds a Ph.D. in information security management and is CISSP, CISA, ISO 27001 Lead Implementer, and Lead Auditor certified. Albin has worked in information security, IT security, and data protection since 1997. He has experience in the financial industry, public sector, cloud services, retail, and telecom industry as well as international research projects. Albin lectures regularly at universities about Privacy & Data Protection, Information Security Management, and Security Development. He is also an invited speaker at various conferences on information security topics.

Call for Papers

We invite you to submit a paper and join us at EuroUSEC 2023.

We are excited to welcome original work describing research, visions, or experiences in all areas of usable security and privacy. We welcome a variety of research methods, including both qualitative and quantitative approaches.

We will review longer papers on mature/completed work in a research track, as well as shorter papers on work in progress, or work that has yet to begin, in a vision track. We aim to provide a venue for researchers at all stages of their careers and at all stages of their projects.

Topics include, but are not limited to:

  • usable security and privacy implications or solutions for specific domains (such as IoT, ehealth, and vulnerable populations)
  • methodologies for usable security and privacy research
  • field studies of security or privacy technology
  • longitudinal studies of deployed security or privacy features
  • new applications of existing privacy/security models or technology
  • innovative security or privacy functionality and design
  • usability evaluations of new or existing security or privacy features
  • security testing of new or existing usability features
  • lessons learned from the deployment and use of usable privacy and security features
  • reports of failed usable privacy/security studies or experiments, with the focus on the lessons learned from such experience
  • papers with negative results
  • reports of replicating previously published important studies and experiments
  • psychological, sociological, cultural, or economic aspects of security and privacy
  • studies of administrators or developers and support for security and privacy
  • studies on the adoption or acceptance of security or privacy technologies
  • systematization of knowledge papers
  • impact of organizational policy or procurement decisions on security and privacy

It is mandatory for at least one author to attend EuroUSEC (either in person or virtually in certain circumstances).

Important Dates

Paper registration deadline (mandatory):       Monday, 5th June, 2023 (Anywhere on Earth)                
Paper submission deadline: Friday, 9th June, 2023(Anywhere on Earth)
Notification: Monday, 10th July, 2023 Monday, 17th July, 2023
Revision decision re-submission deadline: Monday, 24th July, 2023 Monday, 31st July, 2023 (Anywhere on Earth)
Revision notification: Monday, 7th August, 2023 Monday, 14th August, 2023
Camera ready: Monday, 14th August, 2023 Monday, 21st August, 2023
Registration, authors (online and onsite) Friday, 1st September, 2023
Registration, all (onsite) Sunday, 16th September, 2023
Registration, all (online) Sunday, 1st October, 2023
EuroUSEC: 16th & 17th October, 2023


Research Track: The research track is intended to report on mature work that has been completed. The goal of the EuroUSEC's research track is to disseminate results of interest to the broader usable security and privacy community. Papers must not be more than 16 pages in length using the one-column submission format excluding the bibliography. Try to scale the length of the paper according to the contributions you describe therein. Authors have the option to attach to their paper‘s supplementary appendices with study materials (e.g., survey instruments, interview guides, etc.) that would not otherwise take up valuable space within the body of the paper. Reviewers are not required to read appendices, so your paper should be self-contained without them. ACM also allows publication of additional supplemental materials and we want to encourage authors to use this option to provide research artifacts (e.g., builds of own software used in the study).

Vision Track: The vision track is intended to report on work in progress or concrete ideas for work that has yet to begin. The focus in the vision track is to spark discussion with the goal to provide the authors helpful feedback, pointers to potentially related investigations, and new ideas to explore. Suitable submissions to the vision track include traditional work-in-progress pieces such as preliminary results of pre-studies, but also research proposals and position papers outlining future research. Papers must be up to 9 pages in length using the one-column format, including the bibliography and with no appendices.

Submission Instructions

Upload your submission via this link:

  1. All submissions must report original work.
    • Authors must clearly document any overlap with previously or simultaneously submitted papers from any of the authors (email the chairs a PDF document outlining this).
  2. Papers must be written in English.
  3. Papers must be anonymized for review
  4. Refer to your own related work in the third person: do not use personal pronouns
    • This requirement also applies to data sets and artifacts. (For example, "We reused data from the authors of Smith et al. [31] in our experiment.")
  5. Do not blind citations except in extraordinary circumstances. If in doubt, contact the chairs.
  6. All submissions must use the ACM Word or LaTeX templates.
    • These templates can be obtained from the ACM author submission information website. In particular, for the camera-ready submission to The ACM Publishing System (TAPS), the one-column format must be used (e.g. for latex: \documentclass[manuscript]{acmart}).
  7. Systematization of Knowledge paper titles must begin with SOK:
  8. Vision paper titles must begin with Vision:

Simultaneous submission of the same paper to another venue with proceedings or a journal is prohibited. Serious infringements of these policies may cause the paper to be rejected from publication and the authors put on a warning list, even if the paper is initially accepted by the program committee. Contact the EuroUSEC chairs if there are questions about this policy.

You are free to publish a pre-print of your paper on arXiv, SSRN or similar, if you wish to.

Contact the EuroUSEC chairs if there are any questions.

Important Information for Researchers from Russian and Belarussian Institutions

Because of the Russian invasion in Ukraine, current guidelines of our host IT University of Copenhagen (ITU) prohibit hosting guests from research institutions in Russia and Belarus at ITU. We therefore encourage researchers from such institutions to be mindful of these regulations and to check whether they will be able to attend EuroUSEC before submitting their work.

Program Committee Chairs

The chairs can be contacted at Oksana Kulyk and Farzaneh Karegar

Program Committee

  • Samuel Agbesi, IT University of Copenhagen
  • Ala Sarah Alaqra, Karlstad University
  • Patricia Arias-Cabarcos, Paderborn University
  • David Balash, The George Washington University
  • Ingolf Becker, University College London
  • Enka Blanchard, CNRS & Université Polytechnique Hauts-de-France
  • Jurlind Budurushi, University of Qatar
  • Jan-Willem Bullee, University of Twente
  • Karoline Busse, University of Applied Administrative Sciences Lower Saxony
  • Jean Camp, Indiana University
  • Kovila Coopamootoo, Kings College London
  • Adele Da Veiga, University of South Africa
  • Nicolas E. Díaz Ferreyra, Hamburg University of Technology
  • Yvonne Dittrich, IT University of Copenhagen
  • Verena Distler, Bundeswehr University Munich
  • Ali Farooq, University of Turku
  • Edwin Frauenstein, Walter Sisulu University
  • Jennifer Friedauer, Ruhr University Bochum
  • Peter Gorski, INFODAS GmbH
  • Thomas Gross, Newcastle University
  • Hana Habib, Carnegie Mellon University
  • Jonas Hielscher, Ruhr University Bochum
  • Luigi Lo Iacono, Hochschule Bonn-Rhein-Sieg
  • Sana Maqsood, York University
  • Tatsuya Mori, Waseda University
  • Ben Morrison, NHS Business Service Authority & Northumbria University
  • Collins Munyendo, The George Washington University
  • Alena Naiakshina, Bochum University
  • Alaa Nehme, Mississippi State University
  • James Nicholson, Northumbria University
  • Emma Nicol, University of Strathclyde
  • Jason Nurse, University of Kent
  • Jeremiah Onaolapo, University of Vermont
  • Ali Padyab, University of Skövde
  • Simon Parkin, Delft University of Technology
  • Scott Ruoti, University of Tennessee
  • Kavous Salehzadeh, Niksirat University of Lausanne
  • Cigdem Sengul, Brunel University
  • Dirk Snyman, University of Cape Town
  • Mohammad Tahaei, Nokia Bell Labs
  • Faiza Tazi, University of Denver
  • Vanessa Teague, Australian National University
  • Jan Tolsdorf, Hochschule Bonn-Rhein-Sieg
  • Martin Ukrop, Red Hat
  • Karl van der Schyff, Rhodes University
  • Dominik Wermke, CISPA Helmholtz Center for Information Security
  • Stephan Wiefling, Hochschule Bonn-Rhein-Sieg
  • Daricia Wilkinson, Microsoft Research
  • Verena Zimmermann, ETH Zürich

Publicity Chairs

  • Anne Hennig, Karlsruhe Institute of Technology (Germany)
  • Agnieszka Kitkowska Karlstad University (Sweden)
  • Ali Farooq University of Turku (Finland)

Steering Committee

  • Karen Renaud, University of Strathclyde (UK)
  • Peter Mayer, Karlsruhe Institute of Technology (Germany)
  • Angela Sasse, Ruhr University Bochum / Ruhr-Universität Bochum (Germany)
  • Melanie Volkamer, Karlsruhe Institute of Technology (Germany)
  • Charles Weir, Lancaster University (UK)

Event Logistics

EuroUSEC will be held from October 16 - 17 in Copenhagen, Denmark. Event location is IT University of Copenhagen. More information will be provided.

Social Contract

To make EuroUSEC as effective as possible for everyone, we ask that all participants commit to our social contract:

  1. Engage and actively participate (to the degree you feel comfortable) with each talk.
  2. Be sure your feedback is constructive, forward-looking, and meaningful.
  3. The usable security & privacy community has earned a reputation for being inclusive and welcoming to newcomers; please keep it that way.
  4. We encourage attendees to aim to meet at least three new people from this year's EuroUSEC. The meal breaks and the participatory activity are the perfect opportunities for this.
  5. We strongly encourage tweeting under the hashtag "#EuroUSEC2023" and otherwise spreading the word about work you find exciting at EuroUSEC. However, please do not record EuroUSEC itself or further distribute comments made on our Slack instance.
  6. EuroUSEC 2023 follows the USABLE events Code of Conduct.

Instructions for Presenters

Further information will be available soon


Registration is mandatory for participation in EuroUSEC. Please register using the following link: Register Now

At least one author for each accepted paper has to register until September 1st. For the rest of the participants, the registration will be open until September 16th for onsite participants and until October 1st for online participants.

The prices for the registration are as follows (in Danish krones, 7,45 DKK is approximately 1 EUR). At least one registration using the "Author" option (either online or onsite) is required for each paper. Note, we strognly encourage the authors to present their paper onsite, while the online option is available to those who have difficulties in travelling.

Author (online) 2500 DKK
Author (onsite) 2500 DKK
Standard (online) 1500 DKK
Standard (onsite) 2000 DKK
Student (online) 1000 DKK
Student (onsite) 1000 DKK