Towards Understanding Connections between Security/Privacy Attitudes and Unlock Authentication

Thumbnail Image

Files

1801.07518.pdf (294.81 KB)

Links to Files

https://arxiv.org/abs/1801.07518

Permanent Link

http://hdl.handle.net/11603/7756

Collections

UMBC Information Systems Department
UMBC Faculty Collection

Author/Creator

Author/Creator ORCID

Date

2018-02-01

Type of Work

conference papers and proceeding preprints
Text

Department

Program

Citation of Original Publication

Aviv, Adam J.; Kuber, Ravi; Towards Understanding Connections between Security/Privacy Attitudes and Unlock Authentication; Workshop on Usable Security (USEC), Feb. 2018; https://arxiv.org/abs/1801.07518

Rights

This item may be protected under Title 17 of the U.S. Copyright Law. It is made available by UMBC for non-commercial research and education. For permission to publish or reproduce, please contact the author.
Public Domain Mark 1.0
This work was written as part of one of the author's official duties as an Employee of the United States Government and is therefore a work of the United States Government. In accordance with 17 U.S.C. 105, no copyright protection is available for such works under U.S. Law.

Subjects

Cryptography and Security
Computers and Society
Human-Computer Interaction
mobile devices
unlock authentication
Android graphical unlock patterns

Abstract

In this study, we examine the ways in which user attitudes towards privacy and security relating to mobile devices and the data stored thereon may impact the strength of unlock authentication, focusing on Android's graphical unlock patterns. We conducted an online study with Amazon Mechanical Turk (N=750) using self-reported unlock authentication choices, as well as Likert scale agreement/disagreement responses to a set of seven privacy/security prompts. We then analyzed the responses in multiple dimensions, including a straight average of the Likert responses as well as using Principle Component Analysis to expose latent factors. We found that responses to two of the seven questions proved relevant and significant. These two questions considered attitudes towards general concern for data stored on mobile devices, and attitudes towards concerns for unauthorized access by known actors. Unfortunately, larger conclusions cannot be drawn on the efficacy of the broader set of questions for exposing connections between unlock authentication strength (Pearson Rank r=−0.08, p<0.1). However, both of our factor solutions exposed differences in responses for demographics groups, including age, gender, and residence type. The findings of this study suggests that there is likely a link between perceptions of privacy/security on mobile devices and the perceived threats therein, but more research is needed, particularly on developing better survey and measurement techniques of privacy/security attitudes that relate to mobile devices specifically.