kau.se
System disruptions
We are currently experiencing disruptions on the search portals due to high traffic. We are working to resolve the issue, you may temporarily encounter an error message.
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • apa.csl
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Fingerprint Recognition on Mobile Devices: Widely Deployed, Rarely Understood
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013). (Privacy and Security, PRISEC)ORCID iD: 0000-0003-2823-3837
Karlstad University, Faculty of Arts and Social Sciences (starting 2013), Karlstad Business School (from 2013). (HumanIT)ORCID iD: 0000-0001-6826-3358
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013). (Privacy and Security, PRISEC)ORCID iD: 0000-0002-6938-4466
2018 (English)In: ARES 2018 Proceedings of the 13th International Conference on Availability, Reliability and Security (ARES 2018)., New York, NY, USA: Association for Computing Machinery (ACM), 2018, article id 39Conference paper, Published paper (Refereed)
Abstract [en]

Only a few studies have addressed the users' conception of how fingerprint recognition used for different purposes on mobile devices works. This study contributes by investigating how different groups of individuals think that the fingerprint recognition works, why they think so, and also by pointing out differences in pin code and fingerprint issues. The study furthermore yields some results concerning individuals' attitudes towards how sensitive the use of fingerprint sensors is: non-users tended to be more afraid of third-party access than users. On the other hand, users tended to regard the fingerprint pattern as more sensitive than non-users.

This study also manages to give some methodological contributions, namely that mockup user interfaces do not bias the parameters studied in this paper (e.g. understanding of access to fingerprint data), and that self-estimation of knowledge in Computer Security is not a good indicator of respondents' understanding of fingerprint security and privacy. Moreover, people who connected a low degree of sensitivity to fingerprint patterns gave very different reasons for their estimation of sensitivity. This prompts for more research, as it is unclear if different groups would benefit from different information and modes of visualisation to understand what are the issues involved in fingerprint recognition on mobile devices.
Place, publisher, year, edition, pages
New York, NY, USA: Association for Computing Machinery (ACM), 2018. article id 39
Keywords [en]
Fingerprint Pattern, User Perception, Sensitive Information, Data Privacy
National Category
Computer Sciences Human Computer Interaction
Identifiers
URN: urn:nbn:se:kau:diva-70227DOI: 10.1145/3230833.3234514ISI: 000477981800077ISBN: 978-1-4503-6448-5 (electronic)OAI: oai:DiVA.org:kau-70227DiVA, id: diva2:1264903
Conference
The 3rd SECPID Workshop in the 13th International Conference on Availability, Reliability and Security (ARES 2018), August 27-30, 2018, Hamburg, Germany.
Projects
CREDENTIAL
Funder
EU, Horizon 2020, 653454Available from: 2018-11-21 Created: 2018-11-21 Last updated: 2021-04-14Bibliographically approved
In thesis
1. The Lord of Their Data Under the GDPR?: Empowering Users Through Usable Transparency, Intervenability, and Consent
Open this publication in new window or tab >>The Lord of Their Data Under the GDPR?: Empowering Users Through Usable Transparency, Intervenability, and Consent
2020 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The challenges imposed by the ever-growing online data processing make it difficult for people to control their data, which inevitably imperils the privacy of their personal information and making informed decisions. Thus, there is an increasing need for different societal, technological, and legal solutions that empower users to take control of their data. The intervenability rights and the enhanced transparency and consent requirements in the General Data Protection Regulation (GDPR) aim to enable users to gain control of their data. However, these rights and requirements will not be beneficial for users in practice without considering their Human-Computer Interaction (HCI) implications.

The objective of this thesis is to propose usable tools and solutions which improve user-centred transparency, intervenability, and consent, thereby empowering users to take control of their data and make informed decisions. To this end, we employ quantitative and qualitative empirical HCI research methods and consider users through the development cycles of the proposed tools and solutions. We investigate how usable ex-post transparency can facilitate intervenability by implementing and testing Transparency-Enhancing Tools (TETs) that run on users' devices. Further, we analyse the effectiveness of engaging users with policy information through different types of interaction techniques on drawing user attention to consent form contents. We extend our investigation to the robustness of varying consent form designs to habituation. Moreover, we study how users perceive our design of adapted consent based on the demands and challenges of the technology at hand.

This thesis contributes to bridging the gap between legally compliant and usable tools and techniques that aim to enable users to maintain control of their data, resulting in several artefacts, design guidelines, and empirical contributions. The artefacts comprise prototypes and mockups of usable TETs and consent forms. The guidelines encompass a set of design requirements for ex-post TETs that run based on privacy notifications and recommendations on how to engage users with consent form contents. Finally, the empirical contributions include the analysis of the effectiveness of the proposed means and methods on enabling users to exercise their intervenability rights and provide informed consent.
Abstract [en]

The challenges imposed by the ever-growing online data processing make it difficult for people to control their data, which inevitably imperils the privacy of their personal information. Thus, there is an increasing need for different societal, technological, and legal solutions that empower users to take control of their data. The intervenability rights and the enhanced transparency and consent requirements in the General Data Protection Regulation (GDPR) aim to enable users to gain control of their data. However, they will not be beneficial for users in practice without considering their Human-Computer Interaction (HCI) implications.

The objective of this thesis is to propose usable tools and solutions which improve user-centred transparency, intervenability, and consent, thereby empowering users to take control of their data and make informed decisions. To this end, we investigate how usable ex-post transparency can facilitate intervenability by implementing and testing transparency-enhancing tools that run on users' devices. Further, we analyse the effectiveness of engaging users with policy information through different types of interaction techniques on drawing user attention to consent form contents. We extend our investigation to the robustness of varying consent form designs to habituation. Moreover, we study how users perceive our design of adapted consent based on the demands and challenges of the technology at hand. The outcome of this thesis includes several artefacts, design guidelines, and empirical analyses.
Place, publisher, year, edition, pages
Karlstads universitet, 2020. p. 57
Series
Karlstad University Studies, ISSN 1403-8099 ; 2020:36
Keywords
Control of personal data, Data privacy, GDPR, HCI, Informed consent, Transparency-enhancing tool, Usability, User interface design
National Category
Computer Sciences Human Computer Interaction
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-81235 (URN)978-91-7867-170-0 (ISBN)978-91-7867-169-4 (ISBN)
Public defence
2020-12-09, 1B309 (Sjöströmsalen), 13:15 (English)
Opponent
Supervisors
Note

Artikel 2 del av avhandlingen som manuskript, nu publicerad.

Available from: 2020-11-20 Created: 2020-11-05 Last updated: 2021-09-01Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Authority records

Karegar, FarzanehPettersson, John SörenFischer-Hübner, Simone

Search in DiVA

By author/editor
Karegar, FarzanehPettersson, John SörenFischer-Hübner, Simone
By organisation
Department of Mathematics and Computer Science (from 2013)Karlstad Business School (from 2013)
Computer SciencesHuman Computer Interaction

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 414 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • apa.csl
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.45.0
|
WCAG
|
Karlstad University
|
University Library
|
Researchers support