RSS

CONTACT

GROUP PAGE

PREVIOUS POSTS

• Forge: A Tool to Teach Formal Methods
• Finding and Fixing Standard Misconceptions About Program Behavior
• Privacy-Respecting Type Error Telemetry at Scale
• Profiling Programming Language Learning
• The Examplar Project: A Summary
• A Core Calculus for Documents
• Observations on the Design of Program Planning Notations for Students
• Conceptual Mutation Testing
• Generating Programs Trivially: Student Use of Large Language Models
• A Grounded Conceptual Model for Ownership Types in Rust
• What Happens When Students Switch (Functional) Languages
• Typed-Untyped Interactions: A Comparative Analysis
• Little Tricky Logics
• Identifying Problem Misconceptions
• Performance Preconceptions
• Structural Versus Pipeline Composition of Higher-Order Functions
• Plan Composition Using Higher-Order Functions
• Towards a Notional Machine for Runtime Stacks and Scope
• Gradual Soundness: Lessons from Static Python
• Applying Cognitive Principles to Model-Finding Output
• Automated, Targeted Testing of Property-Based Testing Predicates
• A Benchmark for Tabular Types
• Student Help-Seeking for (Un)Specified Behaviors
• Adding Function Transformers to CODAP
• Developing Behavioral Concepts of Higher-Order Functions
• Adversarial Thinking Early in Post-Secondary Education
• Teaching and Assessing Property-Based Testing
• Students Testing Without Coercion
• Using Design Alternatives to Learn About Data Organizations
• What Help Do Students Seek in TA Office Hours?
• Combating Misconceptions by Encouraging Example-Writing
• The Hidden Perils of Automated Assessment
• Mystery Languages
• Resugaring Type Rules
• Picking Colors for Pyret Error Messages
• Can We Crowdsource Language Design?
• Crowdsourcing User Studies for Formal Methods
• User Studies of Principled Model Finder Output
• A Third Perspective on Hygiene
• Scope Inference, a.k.a. Resugaring Scope Rules
• The PerMission Store
• Examining the Privacy Decisions Facing Users
• The Pyret Programming Language: Why Pyret?
• Resugaring Evaluation Sequences
• Slimming Languages by Reducing Sugar
• In-flow Peer Review: An Overview
• Tierless Programming for SDNs: Differential Analysis
• Tierless Programming for SDNs: Verification
• Tierless Programming for SDNs: Optimality
• Tierless Programming for SDNs: Events
• Tierless Programming for Software-Defined Networks
• CS Student Work/Sleep Habits Revealed As Possibly Dangerously Normal
• Parley: User Studies for Syntax Design
• Typechecking Uses of the jQuery Language
• Verifying Extensions’ Compliance with Firefox's Private Browsing Mode
• From MOOC Students to Researchers
• Social Ratings of Application Permissions (Part 4: The Goal)
• Social Ratings of Application Permissions (Part 3: Permissions Within a Domain)
• Social Ratings of Application Permissions (Part 2: The Effect of Branding)
• Social Ratings of Application Permissions (Part 1: Some Basic Conditions)
• Aluminum: Principled Scenario Exploration Through Minimality
• A Privacy-Affecting Change in Firefox 20
• The New MOOR's Law
• Essentials of Garbage Collection
• (Sub)Typing First Class Field Names
• Typing First Class Field Names
• S5: Engineering Eval
• Progressive Types
• Modeling DOM Events
• Mechanized LambdaJS
• ECMA Announces Official λJS Adoption
• Objects in Scripting Languages
• S5: Wat?
• Belay Lessons: Smarter Web Programming
• S5: Semantics for Accessors
• S5: A Semantics for Today's JavaScript
• The Essence of JavaScript
• ADsafety

Social Ratings of Application Permissions (Part 2: The Effect of Branding)

Tags: Android, Permissions, Security, User Studies

Posted on 22 May 2013.

(This is the second post in this series. Click through for Part 1 and Part 3, and Part 4.)

In a prior post, we introduced our experiments investigating user ratings of smartphone application permissions. In this post we'll discuss the effect that branding has on users' evaluation of an app's permissions. Specifically, what effect does a brand name have on users' perceptions and ratings of an app?

We investigated this question using four well-known apps: Facebook, Gmail, Pandora Radio, and Angry Birds. Subjects were presented with a description of the app and its required permissions. We created surveys displaying the information presented to users in the Android app store, and asked users to rate the acceptability of the apps required permissions, and indicate whether they would install the app on their phone. Some of the subjects were presented with the true description of the app including its actual name, and the rest were presented with the same description, but with the well-known name replaced by a generic substitute. For example, Gmail was disguised as Mangogo Mail.

In the cases of Pandora and Angry Birds, there were no statistically significant differences in subjects' responses between the two conditions. However, there were significant differences in the responses for Gmail and Facebook.

For Gmail, participants rated the generic version's permissions as less acceptable and were less likely to install that version. For Facebook, however, participants rated the permissions for the generic version as less acceptable, but it had no effect on whether subjects would install the app. These findings raise interesting questions. Are the differences in responses caused by privacy considerations or other concerns, such as ability to access existing accounts? Why are people more willing to install a less secure social network than an insecure email client?

It is possible that people would be unwilling to install a generic email application because they want to be certain they could access their existing email or social network accounts. To separate access concerns from privacy concerns, we did a follow-up study in which we asked subjects to evaluate an app that was an interface over a brand-name app. In Gmail's case, for instance, subjects were presented with Gmore!, an app purporting to offer a smoother interaction with one's Gmail account.

Our findings for the interface apps was similar to the generic apps: for Facebook, subjects rated the permissions as less acceptable, but there was no effect on the likelihood of their installing the app; for Gmail, subjects rated the permissions as less acceptable and were less likely to install the app. In fact, the app that interfaced with Gmail had the lowest installation rate of any of the apps: just 47% of respondents would install the app, as opposed to 83% for brand-name Gmail, and 71% for generic Mangogo Mail. This suggests that subjects were concerned about the privacy of the apps, not just their functionality.

It is interesting that the app meant to interface with Facebook showed no significant difference in installation rates. Perhaps users are less concerned about the information on a social network than the information in their email, and see the potential consequences of installing an insecure social network as less dire than those associated with installing an insecure email client. This is just speculation, and this question requires further examination.

Overall, it seems that branding may play a role in how users perceive a given app's permissions, depending on the app. We would like to examine the nuances of this effect in greater detail. Why does this effect occur in some apps but not others? When does the different perception of permissions affect installation rates and why? These questions are exciting avenues for future research!

There's more! Click through to read Part 1, Part 3, and Part 4 of the series!