Abstract
Many people do not deliberately act to protect the data on their Smartphones. The most obvious explanation for a failure to behave securely is that the appropriate mechanisms are unusable. Does this mean usable mechanisms will automatically be adopted? Probably not! Poor usability certainly plays a role, but other factors also contribute to non-adoption of precautionary mechanisms and behaviours. We carried out a series of interviews to determine justifications for non-adoption of security precautions, specifically in the smartphone context, and developed a model of Smartphone precaution non-adoption. We propose that future work should investigate the use of media campaigns in raising awareness of these issues.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
This list of references is not exhaustive due to lack of space.
References
Botha, R.A., Furnell, S.M., Clarke, N.L.: From desktop to mobile: examining the security experience. Comput. Secur. 28(3), 130–137 (2009)
Campbell, M.: Phone invaders. New Sci. 223(2977), 32–35 (2014)
Canova, G., Volkamer, M., Bergmann, C., Borza, R.: NoPhish: an anti-phishing education app. In: Mauw, S., Jensen, C.D. (eds.) STM 2014. LNCS, vol. 8743, pp. 188–192. Springer, Heidelberg (2014)
Clark, S., Goodspeed, T., Metzger, P., Wasserman, Z., Xu, K., Blaze, M.: Why (special agent) johnny (still) can’t encrypt: a security analysis of the APCO project 25 two-way radio system. In: USENIX Security Symposium (2011)
Debatin, B., Lovejoy, J.P., Horn, A.K., Hughes, B.N.: Facebook and online privacy: attitudes, behaviors, and unintended consequences. J. Comput. Mediat. Commun. 15(1), 83–108 (2009)
Bursztein, E.: Survey: most people don’t lock their android phones - but should (2014). https://www.elie.net/blog/survey-most-people-dont-lock-their-android-phones-but-should
Felt, A.P., Egelman, S., Wagner, D.: I’ve got 99 problems, but vibration ain’t one: a survey of smartphone users’ concerns. In: 2nd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 33–44. ACM (2012)
Ferreira, A., Huynen, J.-L., Koenig, V., Lenzini, G.: Socio-technical security analysis of wireless hotspots. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2014. LNCS, vol. 8533, pp. 306–317. Springer, Heidelberg (2014)
Furnell, S., Evangelatos, K.: Public awareness and perceptions of biometrics. Comput. Fraud Secur. 2007(1), 8–13 (2007)
Gaw, S., Felten, E.W., Fernandez-Kelly, P.: Secrecy, flagging, and paranoia: adoption criteria in encrypted email. In: SIGCHI Conference on Human Factors in Computing Systems, CHI 2006, pp. 591–600 (2006)
Harbach, M., Fahl, S., Rieger, M., Smith, M.: On the acceptance of privacy-preserving authentication technology: the curious case of national identity cards. In: De Cristofaro, E., Wright, M. (eds.) PETS 2013. LNCS, vol. 7981, pp. 245–264. Springer, Heidelberg (2013)
Harbach, M., Hettig, M., Weber, S., Smith, M.: Using personal examples to improve risk communication for security & privacy decisions. In: 32nd Annual ACM Conference on Human Factors in Computing Systems, CHI 2014, pp. 2647–2656. ACM (2014). http://doi.acm.org/10.1145/2556288.2556978
Harbach, M., von Zezschwitz, E., Fichtner, A., De Luca, A., Smith, M.: It’s a hard lock life: a field study of smartphone (un) locking behavior and risk perception. In: Symposium on Usable Privacy and Security (SOUPS) (2014)
Herath, T., Rao, H.R.: Encouraging information security behaviors in organizations: role of penalties, pressures and perceived effectiveness. Decis. Support Syst. 47(2), 154–165 (2009)
Kelley, P.G., Consolvo, S., Cranor, L.F., Jung, J., Sadeh, N., Wetherall, D.: A conundrum of permissions: installing applications on an android smartphone. In: Blyth, J., Dietrich, S., Camp, L.J. (eds.) FC 2012. LNCS, vol. 7398, pp. 68–79. Springer, Heidelberg (2012)
Lazou, A., Weir, G.R.: Perceived risk and sensitive data on mobile devices. In: Cyberforensics, pp. 183–196. University of Strathclyde (2011)
Lin, J., Amini, S., Hong, J.I., Sadeh, N., Lindqvist, J., Zhang, J.: Expectation and purpose: understanding users’ mental models of mobile app privacy through crowdsourcing. In: ACM Conference on Ubiquitous Computing, UbiComp 2012, pp. 501–510. ACM (2012). http://doi.acm.org/10.1145/2370216.2370290
Liu, S., Silverman, M.: A practical guide to biometric security technology. IT Prof. 3(1), 27–32 (2001)
Muslukhov, I., Boshmaf, Y., Kuo, C., Lester, J., Beznosov, K.: Understanding users’ requirements for data protection in smartphones. In: Data Engineering Workshops (ICDEW), pp. 228–235. IEEE (2012)
Mylonas, A.: Security and privacy in the smartphones ecosystem. Technical report. AUEB-CIS/REV-0313, Athens University of Economics and Business (2013)
Ophoff, J., Robinson, M.: Exploring end-user smartphone security awareness within a South African context. In: Information Security for South Africa (ISSA 2014), pp. 1–7. IEEE (2014)
Pramod, D., Raman, R.: A study on the user perception and awareness of smartphone security. Int. J. Appl. Eng. Res. ISSN 9(23), 19133–19144 (2014)
Renaud, K., Volkamer, M., Renkema-Padmos, A.: Why doesn’t jane protect her privacy? In: De Cristofaro, E., Murdoch, S.J. (eds.) PETS 2014. LNCS, vol. 8555, pp. 244–262. Springer, Heidelberg (2014)
Sasse, M.A., Flechais, I.: Usable security: what is it? how do we get it?. In: Security and usability: designing secure systems that people can use. pp. 13–30. O’Reilly Books (2005)
Smith, S.W.: Humans in the loop: human-computer interaction and security. IEEE Secur. Priv. 1(3), 75–79 (2003)
Solove, D.J.: “I’ve got nothing to hide” and other misunderstandings of privacy. San Diego law Rev. 44, 745 (2007)
Wash, R.: Folk models of home computer security. In: Proceedings of the Sixth Symposium on Usable Privacy and Security, p. 11. ACM, Redmond, WA (2010)
Whitten, A., Tygar, J.D.: Why Johnny can’t encrypt: a usability evaluation of PGP 5.0. In: 8th USENIX Security Symposium, SSYM 1999, vol. 8, pp. 169–184 (1999)
Acknowledgements
This paper has been developed within the project ‘ZertApps’, which is funded by the German Federal Ministry of Education and Research (BMBF) under grant no. 16KIS0073. The authors assume responsibility for the content.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Volkamer, M., Renaud, K., Kulyk, O., Emeröz, S. (2015). A Socio-Technical Investigation into Smartphone Security. In: Foresti, S. (eds) Security and Trust Management. STM 2015. Lecture Notes in Computer Science(), vol 9331. Springer, Cham. https://doi.org/10.1007/978-3-319-24858-5_17
Download citation
DOI: https://doi.org/10.1007/978-3-319-24858-5_17
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24857-8
Online ISBN: 978-3-319-24858-5
eBook Packages: Computer ScienceComputer Science (R0)