Exploring Psychological Need Fulfillment for Security and Privacy Actions on Smartphones

Much work has been conducted to investigate the obstacles that keep users from using mitigations against security and privacy threats on smartphones. By contrast, we conducted in-depth interviews (n = 19) to explore users’ motivations for voluntarily applying security and privacy actions on smartphones. Our work focuses on analyzing intrinsic motivation in terms of psychological need fulfillment. Our findings provide first insights on the salience of basic psychological needs in the context of smartphone security and privacy. They illustrate how security and privacy actions on smartphones are motivated by a variety of psychological needs, only one of them being the need for Security. Moreover, the results illustrate how psychological needs can help to explain the adoption of security and privacy technologies and the interaction with those technologies. We further discuss how the design of security and privacy technologies could be guided by the gained knowledge.

[1]  Sebastian Möller,et al.  On the need for different security methods on mobile phones , 2011, Mobile HCI.

[2]  J. R. Landis,et al.  The measurement of observer agreement for categorical data. , 1977, Biometrics.

[3]  Rick Wash,et al.  Betrayed by updates: how negative experiences affect future security , 2014, CHI.

[4]  Matthias Peissner,et al.  User experience concept exploration: user needs as a source for innovation , 2014, NordiCHI.

[5]  E. Deci,et al.  Self-determination theory and the facilitation of intrinsic motivation, social development, and well-being. , 2000, The American psychologist.

[6]  Vyas Sekar,et al.  Measuring user confidence in smartphone security and privacy , 2012, SOUPS.

[7]  Elizaveta Sergeevna Mazunina,et al.  End-to-end encryption , 2016 .

[8]  S. Reiss Multifaceted Nature of Intrinsic Motivation: The Theory of 16 Basic Desires , 2004 .

[9]  Sebastian Möller,et al.  Using Statistical Information to Communicate Android Permission Risks to Users , 2014, 2014 Workshop on Socio-Technical Aspects in Security and Trust.

[10]  Zinaida Benenson,et al.  Differences between Android and iPhone Users in Their Security and Privacy Awareness , 2014, TrustBus.

[11]  Edward F. Melcer,et al.  Open sesame: re-envisioning the design of a gesture-based access control system , 2013, CHI Extended Abstracts.

[12]  Blase Ur,et al.  Biometric authentication on iPhone and Android: Usability, perceptions, and influences on adoption , 2015 .

[13]  Susanne Bødker,et al.  Modeling is not the answer!: designing for usable security , 2012, INTR.

[14]  Kasper Hornbæk,et al.  Old wine in new bottles or novel challenges: a critical analysis of empirical studies of user experience , 2011, CHI.

[15]  Sven G. Kratz,et al.  AirAuth: evaluating in-air hand gestures for authentication , 2014, MobileHCI '14.

[16]  Alexander De Luca,et al.  It's a Hard Lock Life: A Field Study of Smartphone (Un)Locking Behavior and Risk Perception , 2014, SOUPS.

[17]  Peter C. Wright,et al.  Understanding the Experience-Centeredness of Privacy and Security Technologies , 2014, NSPW '14.

[18]  Seymour Epstein,et al.  Cognitive-experiential self-theory. , 1998 .

[19]  E. Deci,et al.  The "What" and "Why" of Goal Pursuits: Human Needs and the Self-Determination of Behavior , 2000 .

[20]  Sebastian Möller,et al.  Analyzing End-Users ’ Knowledge and Feelings Surrounding Smartphone Security and Privacy , 2015 .

[21]  David A. Wagner,et al.  Android permissions: user attention, comprehension, and behavior , 2012, SOUPS.

[22]  Dimitris Gritzalis,et al.  Delegate the smartphone user? Security awareness in smartphone platforms , 2013, Comput. Secur..

[23]  Lorrie Faith Cranor,et al.  Privacy as part of the app decision-making process , 2013, CHI.

[24]  Julian Schütte,et al.  On the Effectiveness of Malware Protection on Android An evaluation of Android antivirus , 2013 .

[25]  Kennon M. Sheldon,et al.  What is satisfying about satisfying events? Testing 10 candidate psychological needs. , 2001, Journal of personality and social psychology.

[26]  Andreas Möller,et al.  Update Behavior in App Markets and Security Implications : A Case Study in Google Play , 2012 .

[27]  David A. Wagner,et al.  I've got 99 problems, but vibration ain't one: a survey of smartphone users' concerns , 2012, SPSM '12.

[28]  Kami Vaniea,et al.  Poster: A User Study of WhatsApp Privacy Settings Among Arab Users , 2015 .

[29]  Matthias Peissner,et al.  Experimentally Manipulating Positive User Experience Based on the Fulfilment of User Needs , 2013, INTERACT.

[30]  Sunny Consolvo,et al.  "...No one Can Hack My Mind": Comparing Expert and Non-Expert Security Practices , 2015, SOUPS.

[31]  Wendy E. Mackay,et al.  CHI '13 Extended Abstracts on Human Factors in Computing Systems , 2013, CHI 2013.

[32]  W. Ryan,et al.  Privacy and freedom: Alan F. Westin Atheneum Publishers, $10 , 1967 .

[33]  Matthew Smith,et al.  Using personal examples to improve risk communication for security & privacy decisions , 2014, CHI.

[34]  Sarah Diefenbach,et al.  Needs, affect, and interactive products - Facets of user experience , 2010, Interact. Comput..

[35]  Studying the effectiveness of android application permissions requests , 2013, 2013 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops).

[36]  Robert Biddle,et al.  Graphical passwords: Learning from the first twelve years , 2012, CSUR.

[37]  Yuval Elovici,et al.  Google Android: A State-of-the-Art Review of Security Mechanisms , 2009, ArXiv.

[38]  Simson L. Garfinkel,et al.  Usable Security: History, Themes, and Challenges , 2014, Usable Security: History, Themes, and Challenges.

[39]  D. M. Pedersen PSYCHOLOGICAL FUNCTIONS OF PRIVACY , 1997 .