A comparative study of smartphone-user security perception and preference towards redesigned security notifications

Abstract

In this paper, we conducted a survey of 206 smartphone users of different demographics in Japan and Tanzania, two countries with different security and privacy expectations, to analyse users' cybersecurity knowledge and attitudes. We studied password choices, smartphone lock behaviour, phishing awareness and attitudes towards public Wi-Fi. We also assessed the acceptability of our novel notification alert for smartphone OS security updates. We found that data privacy is equally important to the majority of participants, 70%, in both countries. However, most participants did not know the characteristics of a strong password for web applications despite being highly conscious of physical access security which was characterised by smartphone locking (78% of participants). We also found that phishing awareness in Tanzania is not satisfactory, with the majority of the participants, 78%, likely to open a link from an unknown email source, whereas in Japan only 32% are likely to do so. Participants in Japan were also slightly more likely to read terms and conditions when connecting to public Wi-Fi (36% vs. 27%). Our novel notification design which integrated security updates with other free information services seemed promising for increasing security awareness and update compliance. Participants were more willing to accept update notices that provided guidance on how-to to perform a required task than plain notices.