Lydia Kraus, Tobias Fiebig, Viktor Miruchna, Sebastian Möller, Asaf Shabtai
S&P. IEEE, 2015
Along with the significant growth in the popularity of smartphones and the number of available mobile applications, the amount of threats that harm users or compromise their privacy has dramatically increased. The mobile security research community constantly uncovers new threats and develops associated mitigations. Recently, there is an increasing interest in the human factors and various studies investigated user-aspects in the implementation of security mechanisms as well as users’ perception of threats. In this paper we present a qualitative study on end-users’ knowledge and perceptions of threats and mitigations on mobile devices. Moreover, we identify feelings surrounding smartphone security and privacy. We interpret these feelings in the context of basic psychological need fulfillment. Our findings suggest that so-far little considered aspects of why end-users do not utilize mitigations reside in the need fulfillment plane, and not only in the conflict of usability and security. Following these findings we give examples of how developers of mitigations could ensure that these mitigations are actually adopted by end-users.