MURAL - Maynooth University Research Archive Library



    Security, Privacy & Usability in Modern Web Services.


    Sheil, Ashley (2023) Security, Privacy & Usability in Modern Web Services. PhD thesis, National University of Ireland Maynooth.

    [thumbnail of A.Sheil-Thesis-Final.pdf]
    Preview
    Text
    A.Sheil-Thesis-Final.pdf

    Download (29MB) | Preview

    Abstract

    The overall aim of this thesis was to explore how user experience (UX) design can impact upon security, usability and privacy and the implications this has on the end user, in particular if that user is vulnerable. We aim to do this through three distinct projects. Our first project was inspired by the question of whether a more complicated security mechanisms, that might challenge a vulnerable user, can always provide substantial extra security. We explore this question by attempting to guess PINs via their partial PINs (a random subset of the full PIN). This form of authentication is commonly used in banking in the UK and Ireland. We created four different guessing strategies in order to see which proved most efficient at guessing various sized PINs. Overall we discovered that you can recover a full PIN faster by guessing via its partial PIN, and that the partial PIN system is not as secure as using a full PIN at log in. Our second project analyses Irish cookie banners in order to note style and compliance with GDPR regulations. Like partial PINs in our first project, cookie banners could be especially confusing and frustrating to a vulnerable user. This project is based on a study conducted in Greece which looked at their national cookie banners and banners in the UK. Comparatively Ireland fares slightly better in compliance, but otherwise similar results were noted. We note several dark patterns which manipulate users into sharing more data. Our final project explores the strategies and dark patterns that are used to retain subscribers. We subscribe to four different countries’ national news sites and compare subscription and cancellation flows. We also discuss recent regulatory changes in each country. It was possible to cancel the majority of the subscriptions online. Despite this, it is not as straight forward to cancel and involves going through many barriers to eventually reach the goal of cancelling your subscription. Similar to the preceding two projects, dark patterns potentially can have a greater impact on the more vulnerable user.
    Item Type: Thesis (PhD)
    Keywords: Security; Privacy; Usability; Modern Web Services;
    Academic Unit: Faculty of Science and Engineering > Mathematics and Statistics
    Item ID: 19016
    Depositing User: IR eTheses
    Date Deposited: 14 Oct 2024 09:53
    URI: https://mural.maynoothuniversity.ie/id/eprint/19016
    Use Licence: This item is available under a Creative Commons Attribution Non Commercial Share Alike Licence (CC BY-NC-SA). Details of this licence are available here

    Repository Staff Only (login required)

    Item control page
    Item control page

    Downloads

    Downloads per month over past year

    Origin of downloads