"Shhh...be quiet!" Reducing the Unwanted Interruptions of Notification Permission Prompts on Chrome

Push notifications can be a very useful feature. On web browsers, they allow users to receive timely updates even if the website is not currently open. On Chrome, the feature has become extremely popular since its inception in 2015, but it is also the least likely to be accepted by users. Chrome telemetry shows that, although 74% of all permission prompts are about notifications, they are also the least likely to be granted with only a 10% grant rate on desktop and 21% grant rate on Android. In order to preserve its utility for websites and to reduce unwanted interruptions and potential abuses for the users, we designed and tested both a novel UI and its activation mechanism for notification permission prompts in Chrome. To understand how users interact with such prompts, we conducted two large-scale studies with more than 300 million users in the wild. The first study showed that most of them block or ignore the prompts across all types of websites, which prompted us to rethink its UI and activation logic. The second study, based on an A/B test using behavioral data from more than 40 million users who interacted with more than 100 million prompts on more than 70 thousand websites, show that the new prompt is very effective at reducing unwanted interruptions and their frequency (up to 30% fewer unnecessary actions on the prompts), with a minimal impact (less than 5%) on the grant rates, across all types of users and websites. We achieve these results thanks to a novel adaptive activation mechanism coupled with a block list of interrupting websites, which is derived from crowd-sourced telemetry from Chrome clients.

[1]  Efthimios Alepis Notify This: Exploiting Android Notifications for Fun and Profit , 2018, ICISSP.

[2]  Zhi Xu,et al.  Abusing Notification Services on Smartphones for Phishing and Spamming , 2012, WOOT.

[3]  C McFarlaneDaniel,et al.  The scope and importance of human interruption in human-computer interaction design , 2002 .

[4]  Lada A. Adamic,et al.  Zipf's law and the Internet , 2002, Glottometrics.

[5]  Elissa M. Redmiles,et al.  A Comprehensive Quality Evaluation of Security and Privacy Advice on the Web , 2020, USENIX Security Symposium.

[6]  Mirco Musolesi,et al.  InterruptMe: designing intelligent prompting mechanisms for pervasive applications , 2014, UbiComp.

[7]  Brian P. Bailey,et al.  On the need for attention-aware systems: Measuring effects of interruption on task performance, error rate, and affective state , 2006, Comput. Hum. Behav..

[8]  Martin Pielot,et al.  Dismissed!: a detailed exploration of how mobile phone users handle push notifications , 2018, MobileHCI.

[9]  Mark Crovella,et al.  Characteristics of WWW Client-based Traces , 1995 .

[10]  Martijn Koster,et al.  Robots Exclusion Protocol , 2020, RFC.

[11]  Insik Shin,et al.  Pride and Prejudice in Progressive Web Apps: Abusing Native App-like Features in Web Applications , 2018, CCS.

[12]  David A. Wagner,et al.  How to Ask for Permission , 2012, HotSec.

[13]  Sunny Consolvo,et al.  "...No one Can Hack My Mind": Comparing Expert and Non-Expert Security Practices , 2015, SOUPS.

[14]  Constantinos Patsakis,et al.  Knock-Knock: The unbearable lightness of Android Notifications , 2018, ICISSP.

[15]  Roberto Perdisci,et al.  What You See is NOT What You Get: Discovering and Tracking Social Engineering Attack Campaigns , 2019, Internet Measurement Conference.

[16]  Mirco Musolesi,et al.  Designing content-driven intelligent notification mechanisms for mobile applications , 2015, UbiComp.

[17]  Mirco Musolesi,et al.  My Phone and Me: Understanding People's Receptivity to Mobile Notifications , 2016, CHI.

[18]  Tadashi Okoshi,et al.  Reducing users' perceived mental effort due to interruptive notifications in multi-device mobile environments , 2015, UbiComp.

[19]  Matthew Smith,et al.  Replication: No One Can Hack My Mind Revisiting a Study on Expert and Non-Expert Security Practices and Advice , 2019, SOUPS @ USENIX Security Symposium.

[20]  Steve Benford,et al.  Investigating episodes of mobile phone activity as indicators of opportune moments to deliver notifications , 2011, Mobile HCI.