Visualizing Privacy Risks of Mobile Applications through a Privacy Meter

When it comes to installing mobile applications on Android devices, users tend to ignore privacy warning messages about permissions being requested. Warning messages are often shown too late and are hard to interpret for normal users. To improve users’ awareness of potential privacy implications of installing an application, we designed a “privacy meter” that visualizes the risks (in a slider bar format) imposed by the types of permissions being requested. Interpreting and understanding privacy risks become quick and easy.

[1]  Blase Ur,et al.  How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation , 2012, USENIX Security Symposium.

[2]  Norman M. Sadeh,et al.  Modeling Users' Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings , 2014, SOUPS.

[3]  Norman M. Sadeh,et al.  Expectation and purpose: understanding users' mental models of mobile app privacy through crowdsourcing , 2012, UbiComp.

[4]  Lorrie Faith Cranor,et al.  Timing is everything?: the effects of timing and placement of online privacy indicators , 2009, CHI.

[5]  David A. Wagner,et al.  The Effectiveness of Application Permissions , 2011, WebApps.

[6]  Ninghui Li,et al.  Effective Risk Communication for Android Apps , 2013, IEEE Transactions on Dependable and Secure Computing.

[7]  Steve Hanna,et al.  Android permissions demystified , 2011, CCS '11.

[8]  Lorrie Faith Cranor,et al.  Privacy as part of the app decision-making process , 2013, CHI.

[9]  David A. Wagner,et al.  Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.

[10]  Georgios Kambourakis,et al.  A cloud-based architecture to crowdsource mobile app privacy leaks , 2014, Panhellenic Conference on Informatics.

[11]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[12]  Debmalya Biswas,et al.  Privacy Panel: Usable and Quantifiable Mobile Privacy , 2013, 2013 International Conference on Availability, Reliability and Security.

[13]  Lorrie Faith Cranor,et al.  A Conundrum of Permissions: Installing Applications on an Android Smartphone , 2012, Financial Cryptography Workshops.

[14]  Matthew Smith,et al.  Using personal examples to improve risk communication for security & privacy decisions , 2014, CHI.