Assessing the usability of application level security warnings |
This paper investigates users’ understanding of security messages that can be encountered on a daily basis whilst using their computer. An experimental study was conducted that made use of a custom-built program designed to capture security messages and examine users’ views regarding the information provided. Analysis was performed whether enough information was provided by the application to enable users to understand the message and where appropriate make an informed decision. The study involved 36 participants with a range of education backgrounds and revealed that many participants still face difficulties in understanding the security warnings that they encountered on a daily basis. It is essential to use suitable and usable security features such as signal words, icons, help functions and accessible terminology in order to ensure that users’ fully understand security messages in the correct context. The results support the need for a better approach able to advance beyond current implementations of security warnings. These will improve end-users’ chances of understanding and using security effectively.
Zaaba ZF, Furnell SM, Haskell-Dowland PS (Dowland PS), Stengel I