Matthias Fassl scite author profile

Usable privacy and security researchers have developed a variety of approaches to represent risk to research participants. To understand how these approaches are used and when each might be most appropriate, we conducted a systematic literature review of methods used in security and privacy studies with human participants. From a sample of 633 papers published at five top conferences between 2014 and 2018 that included keywords related to both security/privacy and usability, we systematically selected and analyzed 284 full-length papers that included human subjects studies. Our analysis focused on study methods; risk representation; the use of prototypes, scenarios, and educational intervention; the use of deception to simulate risk; and types of participants. We discuss benefits and shortcomings of the methods, and identify key methodological, ethical, and research challenges when representing and assessing security and privacy risk. We also provide guidelines for the reporting of user studies in security and privacy.

show abstract

Exploring User-Centered Security Design for Usable Authentication Ceremonies

Fassl

Gröber

Krombholz

2021

View full text Add to dashboard Cite

Investigating Car Drivers’ Information Demand after Safety and Security Critical Incidents

Gröber

Fassl

Gupta

et al. 2021

View full text Add to dashboard Cite

Transferring Update Behavior from Smartphones to Smart Consumer Devices

Fassl

Neumayr

Schedler

et al. 2022

View full text Add to dashboard Cite

Automatic updates are becoming increasingly common, which minimizes the amount of update decisions that users have to make. Rapidly deployed important updates have a major impact on security. However, automatic updates also reduce the users’ opportunities to build useful mental models which makes decision-making harder on other consumer devices without automatic updates. Users generally transfer their understanding from domains that they know well (i.e. smartphones) to others. We investigate how well this transfer process works with respect to updates and if users with automatic updates fare worse than those with manual updates.We conducted a formative field study ($$N = 52$$ N = 52 ) to observe users’ update settings on smartphones and examine reasons for their (de-)activation. Based on the results, we conducted an online survey ($$N = 91$$ N = 91 ) to compare how users perceive update notifications for smartphones and smart consumer devices. One of our main findings is that update decisions based on expected changes do not apply well to these devices since participants do not expect meaningful and visual changes. We suggest naming updates for such devices ‘maintenance’ to move users’ expectations from ‘new features’ to ‘ensuring future functionality’.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Matthias Fassl

Stop the Consent Theater

A Systematic Literature Review of Empirical Methods and Risk Representation in Usable Privacy and Security Research

Exploring User-Centered Security Design for Usable Authentication Ceremonies

Investigating Car Drivers’ Information Demand after Safety and Security Critical Incidents

Transferring Update Behavior from Smartphones to Smart Consumer Devices

Contact Info

Product

Resources

About