The Framework of Security-Enhancing Friction: How UX Can Help Users Behave More Securely

Distler, Verena; Lenzini, Gabriele; Lallemand, Carine; Koenig, Vincent

Reference : The Framework of Security-Enhancing Friction: How UX Can Help Users Behave More Securely


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a journal
	Discipline(s) :	Engineering, computing & technology : Multidisciplinary, general & others
	Focus Areas :	Security, Reliability and Trust
	To cite this reference:	http://hdl.handle.net/10993/44327

Title :	The Framework of Security-Enhancing Friction: How UX Can Help Users Behave More Securely
Language :	English
Author, co-author :	Distler, Verena [University of Luxembourg > Faculty of Language and Literature, Humanities, Arts and Education (FLSHASE) > Education, Culture, Cognition and Society (ECCS) >]
	Lenzini, Gabriele [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Lallemand, Carine [University of Luxembourg > Faculty of Language and Literature, Humanities, Arts and Education (FLSHASE) > Education, Culture, Cognition and Society (ECCS) >]
	Koenig, Vincent [University of Luxembourg > Faculty of Language and Literature, Humanities, Arts and Education (FLSHASE) > Education, Culture, Cognition and Society (ECCS) >]
Publication date :	26-Oct-2020
Journal title :	New Security Paradigms Workshop
Peer reviewed :	Yes
Audience :	International
Country :	Virtual Conference
Event name :	New Security Paradigms Workshop
Event date :	October 26-29, 2020
Keywords :	[en] Usable Security and Privacy ; Trust ; Friction Design ; User Experience
Abstract :	[en] A growing body of research in the usable privacy and security community addresses the question of how to best influence user behavior to reduce risk-taking.We propose to address this challenge by integrating the concept of user experience (UX) into empirical usable privacy and security studies that attempt to change risktaking behavior. UX enables us to study the complex interplay between user-related, system-related and contextual factors and provides insights into the experiential aspects underlying behavior change, including negative experiences. We first compare and contrast existing security-enhancing interventions (e.g., nudges, warnings, fear appeals) through the lens of friction. We then build on these insights to argue that it can be desirable to design for moments of negative UX in security-critical situations. For this purpose, we introduce the novel concept of security-enhancing friction, friction that effectively reduces the occurrence of risk-taking behavior and ensures that the overall UX (after use) is not compromised. We illustrate how security-enhancing friction provides an actionable way to systematically integrate the concept of UX into empirical usable privacy and security studies for meeting both the objectives of secure behavior and of overall acceptable experience.
Target :	Researchers ; Professionals ; Students
Permalink :	http://hdl.handle.net/10993/44327
FnR project :	FnR ; FNR10621687 > Sjouke Mauw > SPsquared > Security and Privacy for System Protection > 01/01/2017 > 30/06/2023 > 2016

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Open access	nspw20-6.pdf		Publisher postprint	1.28 MB	View/Open

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices