Security Awareness and Affective Feedback: Categorical Behaviour vs. Reported Behaviour

TL;DR

This research investigates how affective feedback influences end-user security behavior and reveals a gap between perceived and actual online information disclosure, emphasizing the need for improved security awareness.

Contribution

It explores the relationship between categorical online disclosures, security awareness, and the impact of affective feedback on user behavior in a usable security context.

Findings

Disparity between disclosed and perceived information

Limited short-term impact of affective feedback

Future long-term studies planned for behavioral change assessment

Abstract

A lack of awareness surrounding secure online behaviour can lead to end-users, and their personal details becoming vulnerable to compromise. This paper describes an ongoing research project in the field of usable security, examining the relationship between end-user-security behaviour, and the use of affective feedback to educate end-users. Part of the aforementioned research project considers the link between categorical information users reveal about themselves online, and the information users believe, or report that they have revealed online. The experimental results confirm a disparity between information revealed, and what users think they have revealed, highlighting a deficit in security awareness. Results gained in relation to the affective feedback delivered are mixed, indicating limited short-term impact. Future work seeks to perform a long-term study, with the view that positive behavioural changes may be reflected in the results as end-users become more knowledgeable about security awareness.