Abstract
Expert security users make safer online decisions. However, average users do not have mental models for browser security and web certificates. Thus, they may make unsafe decisions online, putting their sensitive information at risk. Users can learn about browser security and their mental models can be developed using information visualization. We introduce an interactive interface designed for building mental models of web certificates for the average user, through visualization and interaction. This model was implemented to facilitate learning with a Mental Model Builder (MMB). The interface underwent a cognitive walkthrough usability inspection to evaluate the learnability and efficacy of the program. We found that there were unique and useful elements to our visualization of browser certificates. Thus, a 2nd generation interface was created and user-tested. Results show that it was successful in building mental models, and users made safer decisions about trusting websites.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Asgharpour, F., Liu, D., Camp, L.J.: Mental models of security risks. In: Dietrich, S., Dhamija, R. (eds.) FC 2007. LNCS, vol. 4886, pp. 367–377. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77366-5_34
Bravo-Lillo, C., Cranor, L.F., Downs, J., Komanduri, S.: Bridging the gap in computer security warnings: a mental model approach. IEEE Secur. Privacy Mag. 9(2), 18–26 (2011)
Biddle, R., Sobey, J., Whalen, T., Oorschot P.V., Patrick, A.: Browser interfaces and extended validation SSL certificates: an empirical study. In: Proceedings of ACM Workshop on Cloud Computing Security (2009)
Fogg, B.J.: Persuasive Technology: Using Computers to Change What We Think and Do. Morgan Kaufmann, Burlington (2002)
Forget, A., Chiasson, S., van Oorschot, P.C., Biddle, R.: Persuasion for stronger passwords: motivation and pilot study. In: Oinas-Kukkonen, H., Hasle, P., Harjumaa, M., Segerståhl, K., Øhrstrøm, P. (eds.) PERSUASIVE 2008. LNCS, vol. 5033, pp. 140–150. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68504-3_13
Jaspers, M.W.: A comparison of usability methods for testing interactive health technologies: methodological aspects and empirical evidence. Int. J. Med. Inf. 78(5), 340–353 (2009)
Liu, Z., Stasko, J.T.: Mental models, visual reasoning and interaction in information visualization: a top-down perspective. IEEE Trans. Vis. Comput. Graph. 16(6), 999–1008 (2010)
Felt, A.P., Reeder, R.W., Ainslie, A., Harris, H., Walker, M., et al.: Rethinking connection security indicators. In: SOUPS, pp. 1–14 (2016)
Schechter, S.E., Dhamija, R., Ozment, A., Fischer, I.: The emperor’s new security indicators. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 51–65. IEEE Computer Society, Washington, D.C. (2007)
Sheng, S., Magnien, B., Kumaraguru, P., Acquisti, A., Cranor, L.F., et al.: Anti-phishing phil: the design and evaluation of a game that teaches people not to fall for phish. In: Proceedings of SOUPS, NY, USA, pp. 88–99 (2007)
Sinreich, D., Gopher, D., Ben-Barak, S., Marmor, Y., Lahat, R.: Mental models as a practical tool in the engineer’s toolbox. Int. J. Prod. Res. 43(14), 2977–2996 (2005)
Sobey, J., Biddle, R., van Oorschot, P.C., Patrick, A.S.: Exploring user reactions to new browser cues for extended validation certificates. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 411–427. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88313-5_27
Wharton, C., Rieman, J., Lewis, C., Polson, P.: The cognitive walkthrough method: a practitioner’s guide. In: Usability Inspection Methods, pp. 105–140. Wiley, Hoboken (1994)
Zhang-Kennedy, L., Chiasson, S., Biddle, R.: Stop clicking on “update later”: persuading users they need up-to-date antivirus protection. In: Spagnolli, A., Chittaro, L., Gamberini, L. (eds.) PERSUASIVE 2014. LNCS, vol. 8462, pp. 302–322. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-07127-5_27
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Stojmenović, M., Oyelowo, T., Tkaczyk, A., Biddle, R. (2018). Building Website Certificate Mental Models. In: Ham, J., Karapanos, E., Morita, P., Burns, C. (eds) Persuasive Technology. PERSUASIVE 2018. Lecture Notes in Computer Science(), vol 10809. Springer, Cham. https://doi.org/10.1007/978-3-319-78978-1_20
Download citation
DOI: https://doi.org/10.1007/978-3-319-78978-1_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-78977-4
Online ISBN: 978-3-319-78978-1
eBook Packages: Computer ScienceComputer Science (R0)