Acquired Electronics360

Information Technology

Researchers: We Ignore Computer Security Warnings 90% of the Time

20 August 2016

Have you ever seen those security warnings pop up on your computer or smartphone? Well, according to researchers from Brigham Young University, along with Google Chrome engineers, we see them—we just also ignore them 90% of the time.
A security message from the Google Chrome Cleanup Tool is shown. (Image Credit: Google Chrome) A security message from the Google Chrome Cleanup Tool is shown. (Image Credit: Google Chrome)

The researchers have a word of advice for software developers: for people to pay attention to security warnings, make them appear at more convenient times.

The study found that the current warning messages appear almost randomly, while people are typing, watching videos, or uploading files. But this method results in up to 90% of users disregarding them.

The findings showed that these times are less effective because of "dual-task interference," a biological limitation that does not allow for the simultaneous performance of even the simplest tasks without performance loss (otherwise known as multitasking).

"We found that the brain can't handle multitasking very well," said Anthony Vance, study coauthor and BYU information systems professor. "Software developers categorically present these messages without any regard to what the user is doing. They interrupt us constantly and our research shows there's a high penalty that comes by presenting these messages at random times."

To support this finding, the researchers discovered that 74% of people in the study ignored security messages that popped up while they were about to close a web page window. Another 79% ignored the messages if they were watching a video, and 87% disregarded the messages while they were transferring information.

According to Jeff Jenkins, lead author of the study appearing in Information Systems Research, one of the premier journals of business research, this problem can be lessened by being more deliberate with warning display times.

"Waiting to display a warning when people are not busy doing something else increases their security behavior substantially,” said Jenkins.

Jenkins, Vance and the team discovered that people paid the most attention to security messages when they pop up during lower dual-task times, such as after watching a video, while waiting for a page to load, or after any website interaction.

While the authors realize that this seems like common knowledge, timing security warnings to appear when a person is more likely ready to respond is not current practice in the software industry. They are also the first to demonstrate empirically the effects of dual-task interference during computer security tasks.

During the experiments the team employed a functional fMRI scanner to show neural activity was substantially reduced when security messages interrupted a task, as compared to when a user responded to the security message itself.

The team showed this data to a group of Google Chrome security engineers in order to identify better security display message times during the browsing experience.

Story via BYU.

To contact the author of this article, email Nicolette.Emmino@ieeeglobalspec.com


Powered by CR4, the Engineering Community

Discussion – 0 comments

By posting a comment you confirm that you have read and accept our Posting Rules and Terms of Use.
Engineering Newsletter Signup
Get the Engineering360
Stay up to date on:
Features the top stories, latest news, charts, insights and more on the end-to-end electronics value chain.
Advertisement
Weekly Newsletter
Get news, research, and analysis
on the Electronics industry in your
inbox every week - for FREE
Sign up for our FREE eNewsletter
Advertisement

CALENDAR OF EVENTS

Date Event Location
30 Nov-01 Dec 2017 Helsinki, Finland
23-27 Apr 2018 Oklahoma City, Oklahoma
18-22 Jun 2018 Honolulu, Hawaii
Find Free Electronics Datasheets
Advertisement