Paper published in a book (Scientific congresses, symposiums and conference proceedings)
Evaluating ambiguity of privacy indicators in a secure email app
Stojkovski, Borce; Lenzini, Gabriele
2020In Loreti, Michele; Spalazzi, Luca (Eds.) Proceedings of the Fourth Italian Conference on Cyber Security, Ancona Italy, February 4th to 7th, 2020
Peer reviewed
 

Files


Full Text
Stojkovski et Lenzini - Evaluating ambiguity of privacy indicators in a secure email app - ITASEC v3.pdf
Author postprint (927.1 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Abstract :
[en] Informing laymen of security situations is a notoriously hard problem. Users are usually not cognoscenti of all the various secure and insecure situations that may arise, and this can be further worsened by certain visual indicators that instead of helping users, fail to convey clear and unambiguous messages. Even in well-established and studied applications, like email clients providing end-to-end encryption, the problem seems far from being solved. Motivated to verify this claim, we studied the communication qualities of four privacy icons (in the form of coloured shapes) in conveying specific security messages, relevant for a particular secure emailing system called p≡p. We questioned 42 users in three different sessions, where we showed them 10 privacy ratings, along with their explanations, and asked them to match the rating and explanation with the four privacy icons. We compared the participants’ associations to those made by the p≡p developers. The results, still preliminary, are not encouraging. Except for the two most extreme cases, Secure and trusted and Under attack, users almost entirely missed to get the indicators’ intended messages. In particular, they did not grasp certain concepts such as Unsecure email and Secure email, which in turn were fundamental for the engineers. Our work has certain limitations and further investigation is required, but already at this stage our research calls for a closer collaboration between app engineers and icon designers. In the context of p≡p, our work has triggered a deeper discussion on the icon design choices and a potential revamp is on the way.
Research center :
- Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Other
Disciplines :
Computer science
Author, co-author :
Stojkovski, Borce ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC)
Lenzini, Gabriele ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
External co-authors :
no
Language :
English
Title :
Evaluating ambiguity of privacy indicators in a secure email app
Publication date :
2020
Event name :
Fourth Italian Conference on Cyber Security (ITASEC 20)
Event place :
Ancona, Italy
Event date :
4-2-2020 to 7-2-2020
Main work title :
Proceedings of the Fourth Italian Conference on Cyber Security, Ancona Italy, February 4th to 7th, 2020
Editor :
Loreti, Michele
Spalazzi, Luca
Publisher :
CEUR-WS.org
Collection name :
CEUR Workshop Proceedings
Pages :
223--234
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR10621687 - Security And Privacy For System Protection, 2015 (01/01/2017-30/06/2023) - Sjouke Mauw
Name of the research project :
PRIDE15/10621687/SPsquared
Funders :
FNR - Fonds National de la Recherche [LU]
Commentary :
2597
Available on ORBilu :
since 26 May 2020

Statistics


Number of views
319 (29 by Unilu)
Number of downloads
113 (7 by Unilu)

Scopus citations®
 
2
Scopus citations®
without self-citations
1

Bibliography


Similar publications



Contact ORBilu