Smart homes are under attack. Threats can harm both the security of these homes and the privacy of their inhabitants. As a result, in addition to delivering pleasant and aesthetic experiences, smart devices need to protect households from vulnerabilities and attacks. Further, the need for user-centered security and privacy design is particularly important for such an environment, given that inhabitants are demographically-diverse (e.g., age, gender, educational level) and have different skills and (dis)abilities.
Prior work has explored different usable security and privacy solutions for smart homes; however, the applicability of user eXperience (UX) principles to security and privacy design is under-explored. This research project aims to address the on-going challenge of security and privacy in the smart home through the lens of UX design. The objective of this thesis is two-fold. First, to investigate how UX factors and principles affect the security and privacy of smart home users. Secondly, to inform product design through the development of an empirically-tested framework for UX design of security and privacy in smart home products.
In the first step, we explored the relationship between UX, security, and privacy in smart homes from user and designer perspectives: through (i) conducting a qualitative interview study with smart home users (n=13) and (ii) analyzing an ethnomethodologically informed study of six UK households living in smart homes (n=6); and, we then explored the role of UX in the design of security, privacy and data protection in smart homes through qualitative semi-structured interviews with smart home users, designers and business leaders through two rounds of interviews (n=20, n=20).
In the second step, using conceptual framework analysis, we systematically analyzed our previously collected data and the literature to construct a framework of design heuristics for consent and permission in smart homes. We applied these heuristics in four participatory co-design workshops and reported on their use. We further analyzed the use of the heuristics through thematic analysis highlighting how the heuristics were used, their purpose, and their effectiveness.
By bringing UX design to the smart home security and privacy table, we believe that this research project will have a significant impact on academia, industry, and government organizations. Our thesis will improve design practices for security and privacy in domestic smart devices while addressing wider challenges, opportunities, and future work
