Replication: Do We Snooze If We Can't Lose? Modelling Risk with Incentives in Habituation User Studies

Karoline Busse, Dominik Wermke, Sabrina Amft, Sascha Fahl, Emanuel von Zezschwitz, and Matthew Smith
Proceedings of the 2019 Workshop on Usable Security (USEC), USEC 2019, San Diego, CA, USA, February 24, 2019
PDF Abstract Bibtex DOI

Abstract

Users of computer systems are confronted with security dialogs on a regular basis. As demonstrated by previous research, frequent exposure to these dialogs may lead to habituation (i.e., users tend to ignore them). While these previous studies are vital to gaining insights into the human factor, important realworld aspects have been ignored; most notably, not adhering to security dialogs has barely had a negative impact for user study participants.

To address this limitation, we replicate and extend previous work on the habituation effect. Our new study design introduces a monetary component in order to refine the study methodology on habituation research. To evaluate our approach, we conducted an online user study (n = 1236) and found a significant effect of monetary loss on the compliance to security dialogs.

Overall, this paper contributes to a deeper understanding of the habituation effect in the context of warning dialogs and provides novel insights into the complexity of ecologically valid risk modeling in user studies

Reference

@inproceedings{conf/usec/busse19,
 author = {Karoline Busse and
Dominik Wermke and
Sabrina Amft and
Sascha Fahl and
Emanuel von Zezschwitz and
Matthew Smith},
 booktitle = {Proceedings of the 2019 Workshop on Usable Security (USEC), USEC 2019, San Diego, CA, USA, February 24, 2019},
 doi = {10.14722/usec.2019.23001},
 month = {Feb},
 title = {Replication: Do We Snooze If We Can't Lose? Modelling Risk with Incentives in Habituation User Studies},
 url = {https://dx.doi.org/10.14722/usec.2019.23001},
 year = {2019}
}