Android permissions
Top Cited Papers
- 11 July 2012
- conference paper
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
Android's permission system is intended to inform users about the risks of installing applications. When a user installs an application, he or she has the opportunity to review the application's permission requests and cancel the installation if the permissions are excessive or objectionable. We examine whether the Android permission system is effective at warning users. In particular, we evaluate whether Android users pay attention to, understand, and act on permission information during installation. We performed two usability studies: an Internet survey of 308 Android users, and a laboratory study wherein we interviewed and observed 25 Android users. Study participants displayed low attention and comprehension rates: both the Internet survey and laboratory study found that 17% of participants paid attention to permissions during installation, and only 3% of Internet survey respondents could correctly answer all three permission comprehension questions. This indicates that current Android permission warnings do not help most users make correct security decisions. However, a notable minority of users demonstrated both awareness of permission warnings and reasonable rates of comprehension. We present recommendations for improving user attention and comprehension, as well as identify open challenges.Keywords
Funding Information
- Division of Computing and Communication Foundations (CCF-0424422)
This publication has 21 references indexed in Scilit:
- A Conundrum of Permissions: Installing Applications on an Android SmartphoneLecture Notes in Computer Science, 2012
- These aren't the droids you're looking forPublished by Association for Computing Machinery (ACM) ,2011
- Android permissions demystifiedPublished by Association for Computing Machinery (ACM) ,2011
- A survey of mobile malware in the wildPublished by Association for Computing Machinery (ACM) ,2011
- When are users comfortable sharing locations with advertisers?Published by Association for Computing Machinery (ACM) ,2011
- I'm the mayor of my housePublished by Association for Computing Machinery (ACM) ,2011
- Multi-Layered Interfaces to Improve Older Adults’ Initial Learnability of Mobile ApplicationsACM Transactions on Accessible Computing, 2010
- Understanding and capturing people’s privacy policies in a mobile social networking applicationPersonal and Ubiquitous Computing, 2008
- You've been warnedPublished by Association for Computing Machinery (ACM) ,2008
- Privacy practices of Internet users: Self-reports versus observed behaviorInternational Journal of Human-Computer Studies, 2005