EUROUSEC

The digitalization of the reproductive body has engaged myriads of cutting-edge technologies in supporting people to know and tackle their intimate health. Generally understood as female technologies (aka female-oriented technologies or ‘FemTech’), ...

The COVID-19 pandemic motivated higher education institutions to adopt the use of e-proctoring software as a means to maintain academic integrity. This study explores the tension between student privacy and academic integrity from instructors’ ...

“Attribution of self-blame” is a spontaneous affective and cognitive self-evaluative reaction and is an important predictor of proactive and positive coping response behavior after a negative event. While blame attribution can indeed affect the efficacy ...

Direct-to-consumer (at-home) DNA testing allows users to gain ancestry and health information. Previous research has found users to be unconcerned about privacy relating to at-home DNA testing, with incomplete understanding of the process. The shared ...

Prior research has noted that users are willing to pay a premium for higher privacy and security of Internet of Things (IoT) devices. However, it is not clear whether and how users’ technical literacy and understandability of data management features ...

Smartphones are a central part of modern life and contain vast amounts of personal and professional data as well as access to sensitive features such as banking and financial apps. As such protecting our smartphones from unauthorised access is of great ...

As smartphones overtake personal computers as the device of choice for internet access and everyday digital tasks, cybersecurity becomes a pressing issue for the platform. Research has found that smartphone users appear to act less securely than they ...

This paper examines the effect of the dark pattern strategy “loss-gain framing” on users’ data disclosure behaviour in mobile settings. Understanding whether framing influences users’ willingness to disclose personal information is important to (i) ...

The smishing-based malware Flubot was taken down in mid-2022, yet there is little understanding of how it directly impacted smartphone users. We engage with customers of a partner Internet Service Provider (ISP), who have suffered a Flubot infection on ...

Mobile payment applications facilitate quick digital transactions; thus, evaluating these applications for security, privacy, user interaction, and accessibility is crucial. In our study, we analyzed the most downloaded 50 mobile payment applications on ...

We examine the risk to lost, stolen, or unattended smartphones due to attempts to guess the device’s unlock PIN, the most widespread authentication scheme for smartphones. We find novice attacks by those lacking forensic tools or training to be common, ...

Recent advancements in consumer-grade Brain-Computer Interfaces (BCIs) have opened up new possibilities for the exploration and deployment of brainwave-based user authentication. However, research on real-world usability and security is still lacking. ...

This study introduces PinchKey, a highly accurate and user-friendly behavioral biometric authentication method for VR users. Authentication is performed using the natural and intuitive ‘pinch’ gesture used when operating VR devices. Since this two-finger ...

Industrial Control Systems (ICS) run critical large-scale systems that are needed in everyday society. These include systems such as: power, water treatment and manufacturing. However, legacy systems are widely utilized in ICS settings and updating, ...

Studies on the usability of cryptographic APIs have pointed out the importance of the quality of API documentation, and such documentation should include tutorials and sample codes in addition to the API specifications. This study evaluates the ...

21st-century organisations can only learn how to respond effectively to, and recover from, adverse information security incidents if their employees report any incidents they notice. This should happen irrespective of whether or not they themselves ...

Security champions are regular employees who have deeper knowledge in information security and a direct connection with the security team. Through this connection, they can facilitate the diffusion of security knowledge to employees and back to the ...

We have witnessed an alarming growth in collecting citizens’ information by businesses and organizations. The more citizens’ information they collect, the greater their ability to utilize this knowledge for their own interests, often at the expense of ...

Developer-centered security research has identified a variety of reasons why software developers do not follow recommended security practices: lack of knowledge, outdated information sources, time pressure, and low usability of security mechanisms and ...

Millions of consumer-grade routers are vulnerable to security attacks. Router network attacks are dangerous and infections, presenting a serious security threat. They account for 80% of infected devices in the market, posing a greater threat than ...

Conversational AI (CAI) systems are on the rise and have been widely adopted in homes, cars and public spaces. Yet, people report privacy concerns and mistrust in these systems. Current data protection regulations ask providers to communicate data ...

Websites are an essential part of today’s business activities. Content Management Systems (CMS) are known for the fact that even laypersons can create good-looking websites with simple means and without huge costs. But if websites are not maintained ...

Despite technical advances in anti-phishing protection, in many cases the detection of phishing URLs largely depends on users manually inspecting the links found in suspicious emails. One solution proposed to support users in doing so is to use a URL ...

Phishing e-mail scams continue to threaten organisations around the world. With generative artificial intelligence, conventional phishing detection advice such as looking out for linguistic errors and bad layouts will become obsolete. New approaches to ...

Lateral phishing attacks can be devastating for users and organisational IT teams as these originate from legitimate, but compromised, email accounts that benefit from the implicit trust between sender and recipients. In this paper, we begin to explore ...