Poster: Replication: Do We Snooze If We Can't Lose? Modelling Risk with Incentives in Habituation User Studies

Abstract

Users of computer systems are confronted with security dialogs on a regular basis. As demonstrated by previous research, frequent exposure to these dialogs may lead to habituation (i.e. users tend to ignore them). While these previous studies are vital to gaining insights into the human factor, important real-world aspects have been ignored; most notably, not adhering to security dialogs has barely had a negative impact for user study participants.

To address this limitation, we replicate and extend previous work on the habituation effect. Our new study design introduces a monetary component as a factor for risk of loss in order to refine the study methodology on habituation research in that direction. To evaluate our approach, we conducted an online user study (n = 1236) and found a significant effect of monetary loss on the compliance to security dialogs.

Overall, this paper contributes to a deeper understanding of the habituation effect in the context of warning dialogs and provides novel insights into the complexity of ecologically valid risk modeling in user studies.

Reference

@misc{poster/soups/busse18,
 author = {Karoline Busse and
Dominik Wermke and
Sabrina Amft and
Sascha Fahl and
Emanuel von Zezschwitz and
Matthew Smith},
 howpublished = {In Fourteenth Symposium on Usable Privacy and Security, SOUPS 2018, Baltimore, MD, USA, August 12-14, 2018},
 month = {Aug},
 title = {Replication: Do We Snooze If We Can't Lose? Modelling Risk with Incentives in Habituation User Studies},
 url = {https://www.usenix.org/sites/default/files/soups2018posters-busse.pdf},
 year = {2018}
}