76 research outputs found
Evaluating the End-User Experience of Private Browsing Mode
Nowadays, all major web browsers have a private browsing mode. However, the
mode's benefits and limitations are not particularly understood. Through the
use of survey studies, prior work has found that most users are either unaware
of private browsing or do not use it. Further, those who do use private
browsing generally have misconceptions about what protection it provides.
However, prior work has not investigated \emph{why} users misunderstand the
benefits and limitations of private browsing. In this work, we do so by
designing and conducting a three-part study: (1) an analytical approach
combining cognitive walkthrough and heuristic evaluation to inspect the user
interface of private mode in different browsers; (2) a qualitative,
interview-based study to explore users' mental models of private browsing and
its security goals; (3) a participatory design study to investigate why
existing browser disclosures, the in-browser explanations of private browsing
mode, do not communicate the security goals of private browsing to users.
Participants critiqued the browser disclosures of three web browsers: Brave,
Firefox, and Google Chrome, and then designed new ones. We find that the user
interface of private mode in different web browsers violates several
well-established design guidelines and heuristics. Further, most participants
had incorrect mental models of private browsing, influencing their
understanding and usage of private mode. Additionally, we find that existing
browser disclosures are not only vague, but also misleading. None of the three
studied browser disclosures communicates or explains the primary security goal
of private browsing. Drawing from the results of our user study, we extract a
set of design recommendations that we encourage browser designers to validate,
in order to design more effective and informative browser disclosures related
to private mode
Encouraging Privacy-Aware Smartphone App Installation: Finding out what the Technically-Adept Do
Smartphone apps can harvest very personal details
from the phone with ease. This is a particular privacy concern.
Unthinking installation of untrustworthy apps constitutes risky
behaviour. This could be due to poor awareness or a lack of knowhow:
knowledge of how to go about protecting privacy. It seems
that Smartphone owners proceed with installation, ignoring any
misgivings they might have, and thereby irretrievably sacrifice
their privacy
âYou Donât Know Where It Will Stopâ -- An Inquiry into Smartphone Users' Privacy Mental Models of Contextual Integrity
The Contextual Integrity (CI) theory provides a benchmark for privacy protection or violation according to the appropriateness of information collection and flows in a certain context. As privacy threats and protections develop and vie in various mobile contexts, how smartphone users represent the benchmark CI in their minds deserves exploration. In this study, we inquired into 18 smartphone usersâ privacy mental models of CI. We found that they verbalized and visualized three patterns of information flow (i.e., unidirectional lines, branching tree, and complex network) and two categories of information collection (i.e., monetization-oriented and monitoring-based). With these mental models, our participants expressed numerous privacy concerns, such as unstoppable information sharing, data monetization, and surveillance. We discussed these findings and concluded that even though mobile operating systems and apps have claimed to be privacy-friendly and protective, some users remain dubious about such claims even though their privacy mental models may not accurately reflect reality
A World Full of Privacy and Security (Mis)conceptions? Findings of a Representative Survey in 12 Countries
Misconceptions about digital security and privacy topics in the general public frequently lead to insecure behavior. However, little is known about the prevalence and extent of such misconceptions in a global context. In this work, we present the results of the first large-scale survey of a global population on misconceptions: We conducted an online survey with n = 12, 351 participants in 12 countries on four continents. By investigating influencing factors of misconceptions around eight common security and privacy topics (including E2EE, Wi-Fi, VPN, and malware), we find the country of residence to be the strongest estimate for holding misconceptions. We also identify differences between non-Western and Western countries, demonstrating the need for region-specific research on user security knowledge, perceptions, and behavior. While we did not observe many outright misconceptions, we did identify a lack of understanding and uncertainty about several fundamental privacy and security topics
Towards a Framework for Supporting User Satisfaction of Conversational Agents according to the Usability Norm DIN EN ISO 9241-11
The acceptance and use of conversational user interfaces (CUIs) which are for example used in Conversational Agents (CAs) such as Alexa and Siri are crucially dependent on their usabilityâwhich is often lacking in practice according to user reviews. Referring to the usability norm DIN EN ISO 9241-11, a usable product, system or service can be used to achieve specified goals with high levels of effectiveness, efficiency, and satisfaction. However, in the case of conversational agents, the bidirectional interaction experience differs from the use of other input devices. We are proposing a conceptual framework for evaluating the design of CAs with regard to the interaction principles as per DIN EN ISO 9241-110. To increase the level of satisfaction in particular, we focus on the new principle of user engagement in order to ensure trust and welfare and specifically self-determination to ensure the success and positive user experience of CUIs
Encouraging Privacy-Aware Smartphone App Installation: What Would the Technically-Adept Do
Smartphone apps can harvest very personal details from the phone with ease. This is a particular privacy concern. Unthinking installation of untrustworthy apps constitutes risky behaviour. This could be due to poor awareness or a lack of knowhow: knowledge of how to go about protecting privacy. It seems that Smartphone owners proceed with installation, ignoring any misgivings they might have, and thereby irretrievably sacrifice their privacy
- âŚ