Publication Details
Download |
Max Maurer, Alexander De Luca, Sylvia Kempe
Using Data Type Based Security Alert Dialogs to Raise Online Security Awareness In SOUPS '11: Proceedings of the Seventh Symposium on Usable Privacy and Security. Pittsburgh, PA, July 20 - 22, 2011. (bib) |
When surfing the Internet, users are likely to be exposed to security and privacy threats { like fraudulent websites. Automatic browser mechanisms can protect them only to some extent. In other situations it is still important to raise the users' security awareness at the right moment. Passive indicators are mostly overlooked and blocking warnings are quickly dismissed by habituated users. In this work, we present a new concept of warnings that appear in-context, based on critical data types entered by the users into online forms. Since these dialogs do not immediately interrupt the users' interaction but appear right in the users' focus, it is possible to place important security information in a way that it can be seen easily. We implemented the concept as a Firefox plugin and eval- uated it in a row of studies including two lab studies, one focus group and one real world study. Results show that the concept is very well accepted by the users and that with the plugin, especially non-expert participants were more likely to identify fraudulent (or Phishing) websites than using the standard browser warnings. Besides this, we were able to gather interesting findings on warning usage. |