Article

Free access

Gathering evidence: use of visual security cues in web browsers

Authors:

Tara Whalen,

Kori M. InkpenAuthors Info & Claims

GI '05: Proceedings of Graphics Interface 2005

Pages 137 - 144

Published: 07 May 2005 Publication History

PDF eReader

Abstract

Web browsers support secure online transactions, and provide visual feedback mechanisms to inform the user about security. These mechanisms have had little evaluation to determine how easily they are noticed and how effectively they are used. This paper describes a preliminary study conducted to determine which elements are noted, which are ignored, and how easily they are found. We collected eyetracker data to study user's attention to browser security, and gathered additional subjective data through questionnaires. Our results demonstrated that while the lock icon is commonly viewed, its interactive capability is essentially ignored. We also found that certificate information is rarely used, and that people stop looking for security information after they have signed into a site. These initial results provide insights into how browser security cues might be improved.

References

[1]

Adams, A. and M. A. Sasse (1999). "Users are not the enemy: Why users compromise security mechanisms and how to take remedial measures." Communications of the ACM 42(12): 40--46.

Digital Library

Google Scholar

[2]

Bartram, L., C. Ware, et al. (2001). Moving Icons: Detection and Distraction. Interact 2001, Tokyo, Japan.

Google Scholar

[3]

DIMACS (2004). Program of the DIMACS Workshop on Usable Privacy and Security Software.

Google Scholar

[4]

Friedman, B., D. C. Howe, et al. (2002). Informed Consent in the Mozilla Browser: Implementing Value-Sensitive Design. Thirty-Fifth Annual Hawaii International Conference on System Sciences.

Digital Library

Google Scholar

[5]

Friedman, B., D. Hurley, et al. (2002). Users' conceptions of Web security: A comparative study. CHI 2002, Minneapolis, MN.

Digital Library

Google Scholar

[6]

IEEE (2004). IEEE Security and Privacy Magazine Special Issue on Security and Usability, IEEE Computer Society.

Google Scholar

[7]

Saltzer, J. H. and M. D. Schroeder (1975). "The Protection of Information in Computer Systems." Proceedings of the IEEE 63(9): 1278--1308.

Crossref

Google Scholar

[8]

Tobii Technology AB (2003). User manual, Tobii eye-tracker.

Google Scholar

[9]

Whitten, A. and J. D. Tygar (1999). Why Johnny can't encrypt: A usability evaluation of PGP 5.0. 8th Usenix Security Symposium, Washington, D.C.

Digital Library

Google Scholar

[10]

Yurcik, W., J. Barlow, et al. (2003). Two Visual Computer Security Network Monitoring Tools Incorporating Operator Interface Requirements. CHI 2003 Workshop on Human-Computer Interaction and Security Systems, Ft. Lauderdale, Florida.

Google Scholar

Cited By

View all

Windl MScheidle AGeorge CMayer SKelley PKapadia A(2023)Investigating security indicators for hyperlinking within the metaverseProceedings of the Nineteenth USENIX Conference on Usable Privacy and Security10.5555/3632186.3632219(605-620)Online publication date: 7-Aug-2023
https://dl.acm.org/doi/10.5555/3632186.3632219
Schiller KAdamsky FBenenson Z(2023)Towards an Empirical Study to Determine the Effectiveness of Support Systems against E-Mail Phishing AttacksExtended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems10.1145/3544549.3585658(1-15)Online publication date: 19-Apr-2023
https://dl.acm.org/doi/10.1145/3544549.3585658
Danilova ANaiakshina ASmith MRothermel GBae D(2020)One size does not fit allProceedings of the ACM/IEEE 42nd International Conference on Software Engineering10.1145/3377811.3380387(136-148)Online publication date: 27-Jun-2020
https://dl.acm.org/doi/10.1145/3377811.3380387
Show More Cited By

Recommendations

A study of tabbed browsing among mozilla firefox users
CHI '10: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

We present a study which investigated how and why users of Mozilla Firefox use multiple tabs and windows during web browsing. The detailed web browsing usage of 21 participants was logged over a period of 13 to 21 days each, and was supplemented by ...
RSVP Browser: Web Browsing on Small Screen Devices

In this paper, we illustrate the use of space-time trade-offs for information presentation on small screens. We propose the use of Rapid Serial Visual Presentation (RSVP) to provide a rich set of navigational information for Web browsing. The principle ...
Designing and Implementing the OP and OP2 Web Browsers

Current web browsers are plagued with vulnerabilities, providing hackers with easy access to computer systems via browser-based attacks. Browser security efforts that retrofit existing browsers have had limited success because the design of modern ...

Comments

Information & Contributors

Information

Published In

GI '05: Proceedings of Graphics Interface 2005

May 2005

256 pages

ISBN:1568812655

Program Chairs:
Kori Inkpen
Dalhousie University
,
Michiel van de Panne
The University of British Columbia

Publisher

Canadian Human-Computer Communications Society

Waterloo, Canada

Publication History

Published: 07 May 2005

Author Tags

Qualifiers

Article

Acceptance Rates

Overall Acceptance Rate 206 of 508 submissions, 41%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

37
Total Citations
View Citations
1,566
Total Downloads

Downloads (Last 12 months)68
Downloads (Last 6 weeks)15

Reflects downloads up to 08 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Windl MScheidle AGeorge CMayer SKelley PKapadia A(2023)Investigating security indicators for hyperlinking within the metaverseProceedings of the Nineteenth USENIX Conference on Usable Privacy and Security10.5555/3632186.3632219(605-620)Online publication date: 7-Aug-2023
https://dl.acm.org/doi/10.5555/3632186.3632219
Schiller KAdamsky FBenenson Z(2023)Towards an Empirical Study to Determine the Effectiveness of Support Systems against E-Mail Phishing AttacksExtended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems10.1145/3544549.3585658(1-15)Online publication date: 19-Apr-2023
https://dl.acm.org/doi/10.1145/3544549.3585658
Danilova ANaiakshina ASmith MRothermel GBae D(2020)One size does not fit allProceedings of the ACM/IEEE 42nd International Conference on Software Engineering10.1145/3377811.3380387(136-148)Online publication date: 27-Jun-2020
https://dl.acm.org/doi/10.1145/3377811.3380387
Thompson CShelton MStark EWalker MSchechter EFelt AHeninger NTraynor P(2019)The web's identity crisisProceedings of the 28th USENIX Conference on Security Symposium10.5555/3361338.3361457(1715-1732)Online publication date: 14-Aug-2019
https://dl.acm.org/doi/10.5555/3361338.3361457
Ma ZReynolds JDickinson JWang KJudd TBarnes JMason JBailey MJansen RPeterson P(2019)The impact of secure transport protocols on phishing efficacyProceedings of the 12th USENIX Conference on Cyber Security Experimentation and Test10.5555/3359012.3359021(9-9)Online publication date: 12-Aug-2019
https://dl.acm.org/doi/10.5555/3359012.3359021
Issa AMurray TErnst GBuchanan GStevenson D(2018)In search of perfect usersProceedings of the 30th Australian Conference on Computer-Human Interaction10.1145/3292147.3292231(572-576)Online publication date: 4-Dec-2018
https://dl.acm.org/doi/10.1145/3292147.3292231
Lee JKim HPark JShin ISon SLie DMannan MBackes MWang X(2018)Pride and Prejudice in Progressive Web AppsProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3243867(1731-1746)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3243867
Moreno-Fernndez MBlanco FGaraizar PMatute H(2017)Fishing for phishers. Improving Internet users' sensitivity to visual deception cues to prevent electronic fraudComputers in Human Behavior10.1016/j.chb.2016.12.04469:C(421-436)Online publication date: 1-Apr-2017
https://dl.acm.org/doi/10.1016/j.chb.2016.12.044
Felt AReeder RAinslie AHarris HWalker MThompson CAcer MMorant EConsolvo S(2016)Rethinking connection security indicatorsProceedings of the Twelfth USENIX Conference on Usable Privacy and Security10.5555/3235895.3235897(1-13)Online publication date: 22-Jun-2016
https://dl.acm.org/doi/10.5555/3235895.3235897
Neupane ARahman MSaxena NHirshfield LRay ILi NKruegel C(2015)A Multi-Modal Neuro-Physiological Study of Phishing Detection and Malware WarningsProceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security10.1145/2810103.2813660(479-491)Online publication date: 12-Oct-2015
https://dl.acm.org/doi/10.1145/2810103.2813660
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

A study of tabbed browsing among mozilla firefox users

RSVP Browser: Web Browsing on Small Screen Devices

Designing and Implementing the OP and OP2 Web Browsers