Skip to main content
SpringerLink
Log in

A Socio-Technical Investigation into Smartphone Security

  • Conference paper
  • First Online:
Security and Trust Management (STM 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9331))

Included in the following conference series:

Abstract

Many people do not deliberately act to protect the data on their Smartphones. The most obvious explanation for a failure to behave securely is that the appropriate mechanisms are unusable. Does this mean usable mechanisms will automatically be adopted? Probably not! Poor usability certainly plays a role, but other factors also contribute to non-adoption of precautionary mechanisms and behaviours. We carried out a series of interviews to determine justifications for non-adoption of security precautions, specifically in the smartphone context, and developed a model of Smartphone precaution non-adoption. We propose that future work should investigate the use of media campaigns in raising awareness of these issues.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://www.bsi-fuer-buerger.de/SharedDocs/Downloads/DE/BSI/Grundschutz/Download/Ueberblickspapier_Smartphone_pdf.

  2. 2.

    This list of references is not exhaustive due to lack of space.

References

  1. Botha, R.A., Furnell, S.M., Clarke, N.L.: From desktop to mobile: examining the security experience. Comput. Secur. 28(3), 130–137 (2009)

    Article  Google Scholar 

  2. Campbell, M.: Phone invaders. New Sci. 223(2977), 32–35 (2014)

    Article  Google Scholar 

  3. Canova, G., Volkamer, M., Bergmann, C., Borza, R.: NoPhish: an anti-phishing education app. In: Mauw, S., Jensen, C.D. (eds.) STM 2014. LNCS, vol. 8743, pp. 188–192. Springer, Heidelberg (2014)

    Google Scholar 

  4. Clark, S., Goodspeed, T., Metzger, P., Wasserman, Z., Xu, K., Blaze, M.: Why (special agent) johnny (still) can’t encrypt: a security analysis of the APCO project 25 two-way radio system. In: USENIX Security Symposium (2011)

    Google Scholar 

  5. Debatin, B., Lovejoy, J.P., Horn, A.K., Hughes, B.N.: Facebook and online privacy: attitudes, behaviors, and unintended consequences. J. Comput. Mediat. Commun. 15(1), 83–108 (2009)

    Article  Google Scholar 

  6. Bursztein, E.: Survey: most people don’t lock their android phones - but should (2014). https://www.elie.net/blog/survey-most-people-dont-lock-their-android-phones-but-should

  7. Felt, A.P., Egelman, S., Wagner, D.: I’ve got 99 problems, but vibration ain’t one: a survey of smartphone users’ concerns. In: 2nd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 33–44. ACM (2012)

    Google Scholar 

  8. Ferreira, A., Huynen, J.-L., Koenig, V., Lenzini, G.: Socio-technical security analysis of wireless hotspots. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2014. LNCS, vol. 8533, pp. 306–317. Springer, Heidelberg (2014)

    Google Scholar 

  9. Furnell, S., Evangelatos, K.: Public awareness and perceptions of biometrics. Comput. Fraud Secur. 2007(1), 8–13 (2007)

    Article  Google Scholar 

  10. Gaw, S., Felten, E.W., Fernandez-Kelly, P.: Secrecy, flagging, and paranoia: adoption criteria in encrypted email. In: SIGCHI Conference on Human Factors in Computing Systems, CHI 2006, pp. 591–600 (2006)

    Google Scholar 

  11. Harbach, M., Fahl, S., Rieger, M., Smith, M.: On the acceptance of privacy-preserving authentication technology: the curious case of national identity cards. In: De Cristofaro, E., Wright, M. (eds.) PETS 2013. LNCS, vol. 7981, pp. 245–264. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  12. Harbach, M., Hettig, M., Weber, S., Smith, M.: Using personal examples to improve risk communication for security & privacy decisions. In: 32nd Annual ACM Conference on Human Factors in Computing Systems, CHI 2014, pp. 2647–2656. ACM (2014). http://doi.acm.org/10.1145/2556288.2556978

  13. Harbach, M., von Zezschwitz, E., Fichtner, A., De Luca, A., Smith, M.: It’s a hard lock life: a field study of smartphone (un) locking behavior and risk perception. In: Symposium on Usable Privacy and Security (SOUPS) (2014)

    Google Scholar 

  14. Herath, T., Rao, H.R.: Encouraging information security behaviors in organizations: role of penalties, pressures and perceived effectiveness. Decis. Support Syst. 47(2), 154–165 (2009)

    Article  Google Scholar 

  15. Kelley, P.G., Consolvo, S., Cranor, L.F., Jung, J., Sadeh, N., Wetherall, D.: A conundrum of permissions: installing applications on an android smartphone. In: Blyth, J., Dietrich, S., Camp, L.J. (eds.) FC 2012. LNCS, vol. 7398, pp. 68–79. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  16. Lazou, A., Weir, G.R.: Perceived risk and sensitive data on mobile devices. In: Cyberforensics, pp. 183–196. University of Strathclyde (2011)

    Google Scholar 

  17. Lin, J., Amini, S., Hong, J.I., Sadeh, N., Lindqvist, J., Zhang, J.: Expectation and purpose: understanding users’ mental models of mobile app privacy through crowdsourcing. In: ACM Conference on Ubiquitous Computing, UbiComp 2012, pp. 501–510. ACM (2012). http://doi.acm.org/10.1145/2370216.2370290

  18. Liu, S., Silverman, M.: A practical guide to biometric security technology. IT Prof. 3(1), 27–32 (2001)

    Article  Google Scholar 

  19. Muslukhov, I., Boshmaf, Y., Kuo, C., Lester, J., Beznosov, K.: Understanding users’ requirements for data protection in smartphones. In: Data Engineering Workshops (ICDEW), pp. 228–235. IEEE (2012)

    Google Scholar 

  20. Mylonas, A.: Security and privacy in the smartphones ecosystem. Technical report. AUEB-CIS/REV-0313, Athens University of Economics and Business (2013)

    Google Scholar 

  21. Ophoff, J., Robinson, M.: Exploring end-user smartphone security awareness within a South African context. In: Information Security for South Africa (ISSA 2014), pp. 1–7. IEEE (2014)

    Google Scholar 

  22. Pramod, D., Raman, R.: A study on the user perception and awareness of smartphone security. Int. J. Appl. Eng. Res. ISSN 9(23), 19133–19144 (2014)

    Google Scholar 

  23. Renaud, K., Volkamer, M., Renkema-Padmos, A.: Why doesn’t jane protect her privacy? In: De Cristofaro, E., Murdoch, S.J. (eds.) PETS 2014. LNCS, vol. 8555, pp. 244–262. Springer, Heidelberg (2014)

    Google Scholar 

  24. Sasse, M.A., Flechais, I.: Usable security: what is it? how do we get it?. In: Security and usability: designing secure systems that people can use. pp. 13–30. O’Reilly Books (2005)

    Google Scholar 

  25. Smith, S.W.: Humans in the loop: human-computer interaction and security. IEEE Secur. Priv. 1(3), 75–79 (2003)

    Article  Google Scholar 

  26. Solove, D.J.: “I’ve got nothing to hide” and other misunderstandings of privacy. San Diego law Rev. 44, 745 (2007)

    Google Scholar 

  27. Wash, R.: Folk models of home computer security. In: Proceedings of the Sixth Symposium on Usable Privacy and Security, p. 11. ACM, Redmond, WA (2010)

    Google Scholar 

  28. Whitten, A., Tygar, J.D.: Why Johnny can’t encrypt: a usability evaluation of PGP 5.0. In: 8th USENIX Security Symposium, SSYM 1999, vol. 8, pp. 169–184 (1999)

    Google Scholar 

Download references

Acknowledgements

This paper has been developed within the project ‘ZertApps’, which is funded by the German Federal Ministry of Education and Research (BMBF) under grant no. 16KIS0073. The authors assume responsibility for the content.

Author information

Authors and Affiliations

  1. Technische Universität Darmstadt, Darmstadt, Germany

    Melanie Volkamer, Oksana Kulyk & Sinem Emeröz

  2. University of Glasgow, Glasgow, Scotland

    Karen Renaud

  3. Karlstad University, Karlstad, Sweden

    Melanie Volkamer

Authors
  1. Melanie Volkamer
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Karen Renaud
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Oksana Kulyk
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sinem Emeröz
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Karen Renaud .

Editor information

Editors and Affiliations

  1. Dipartimento di Informatica, Università degli Studi di Milano, Crema, Italy

    Sara Foresti

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Volkamer, M., Renaud, K., Kulyk, O., Emeröz, S. (2015). A Socio-Technical Investigation into Smartphone Security. In: Foresti, S. (eds) Security and Trust Management. STM 2015. Lecture Notes in Computer Science(), vol 9331. Springer, Cham. https://doi.org/10.1007/978-3-319-24858-5_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-24858-5_17

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-24857-8

  • Online ISBN: 978-3-319-24858-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation