An Empirical Study on User Reviews Targeting Mobile Apps' Security & Privacy

TL;DR

This study analyzes 2.2 million Google Play Store reviews to understand user concerns about security and privacy in mobile apps, revealing that only a small fraction explicitly discuss these issues but are influenced by app permissions and location sharing.

Contribution

It provides the first large-scale empirical analysis linking user reviews to actual app security and privacy behaviors, highlighting key factors influencing user perceptions.

Findings

0.5% of reviews mention security or privacy concerns

Number of permissions significantly impacts user perception

Location sharing affects user concerns about privacy

Abstract

Application markets provide a communication channel between app developers and their end-users in form of app reviews, which allow users to provide feedback about the apps. Although security and privacy in mobile apps are one of the biggest issues, it is unclear how much people are aware of these or discuss them in reviews. In this study, we explore the privacy and security concerns of users using reviews in the Google Play Store. For this, we conducted a study by analyzing around 2.2M reviews from the top 539 apps of this Android market. We found that 0.5\% of these reviews are related to the security and privacy concerns of the users. We further investigated these apps by performing dynamic analysis which provided us valuable insights into their actual behaviors. Based on the different perspectives, we categorized the apps and evaluated how the different factors influence the users' perception of the apps. It was evident from the results that the number of permissions that the apps request plays a dominant role in this matter. We also found that sending out the location can affect the users' thoughts about the app. The other factors do not directly affect the privacy and security concerns for the users.