Sheil, Ashley (2023) Security, Privacy & Usability in Modern Web Services. PhD thesis, National University of Ireland Maynooth.
Preview
A.Sheil-Thesis-Final.pdf
Download (29MB) | Preview
Abstract
The overall aim of this thesis was to explore how user experience (UX) design can
impact upon security, usability and privacy and the implications this has on the
end user, in particular if that user is vulnerable. We aim to do this through three
distinct projects.
Our first project was inspired by the question of whether a more complicated security
mechanisms, that might challenge a vulnerable user, can always provide
substantial extra security. We explore this question by attempting to guess PINs
via their partial PINs (a random subset of the full PIN). This form of authentication
is commonly used in banking in the UK and Ireland. We created four
different guessing strategies in order to see which proved most efficient at guessing
various sized PINs. Overall we discovered that you can recover a full PIN faster
by guessing via its partial PIN, and that the partial PIN system is not as secure
as using a full PIN at log in.
Our second project analyses Irish cookie banners in order to note style and compliance
with GDPR regulations. Like partial PINs in our first project, cookie
banners could be especially confusing and frustrating to a vulnerable user. This
project is based on a study conducted in Greece which looked at their national
cookie banners and banners in the UK. Comparatively Ireland fares slightly better
in compliance, but otherwise similar results were noted. We note several dark
patterns which manipulate users into sharing more data.
Our final project explores the strategies and dark patterns that are used to retain
subscribers. We subscribe to four different countries’ national news sites and
compare subscription and cancellation flows. We also discuss recent regulatory
changes in each country. It was possible to cancel the majority of the subscriptions
online. Despite this, it is not as straight forward to cancel and involves going
through many barriers to eventually reach the goal of cancelling your subscription.
Similar to the preceding two projects, dark patterns potentially can have a greater
impact on the more vulnerable user.
Item Type: | Thesis (PhD) |
---|---|
Keywords: | Security; Privacy; Usability; Modern Web Services; |
Academic Unit: | Faculty of Science and Engineering > Mathematics and Statistics |
Item ID: | 19016 |
Depositing User: | IR eTheses |
Date Deposited: | 14 Oct 2024 09:53 |
URI: | https://mural.maynoothuniversity.ie/id/eprint/19016 |
Use Licence: | This item is available under a Creative Commons Attribution Non Commercial Share Alike Licence (CC BY-NC-SA). Details of this licence are available here |
Repository Staff Only (login required)
Downloads
Downloads per month over past year