Several end-to-end encryption technologies for emails such as PGP and S/MIME exist since decades. However, end-to-end encryption is barely applied. To understand why users hesitate to secure their email communication and which usability issues they face with PGP, S/MIME as well as with pEp (Pretty Easy Privacy), a fairly new technology, we conducted an online survey and user testing. We found that more than 60% of e-mail users are unaware of the existence of such encryption technologies and never tried to use one. We observed that above all, users are overwhelmed with the management of public keys and struggle with the setup of encryption technology in their mail software. Even though users struggle to put email encryption into practice, we experienced roughly the same number of users being aware of the importance of email encryption. Particularly, we found that users are very concerned about identity theft, as 78% want to make sure that no other person is able to write email in their name.
This paper presents the results of a usability study focused on three end-to-end encryption technologies for securing e-mail traffic, namely PGP, S/MIME, and Pretty Easy Privacy (pEp). The findings of this study show that, despite of existing technology, users seldom apply them for securing e-mail communication. Moreover, this study helps to explain why users hesitate to employ encryption technology in their e-mail communication. For this usability study, we have combined two methods: 1) an online survey, 2) and user testing with 12 participants who were enrolled in tasks requiring e-mail encryption. We found that more than 60% of our study participants (in both methods) are unaware of the existence of encryption technologies and thus never tried to use one. We observed that above all, users 1) are overwhelmed with the management of public keys and 2) struggle with the setup of encryption technology in their e-mail software. Nonetheless, 66% of the participants consider secure e-mail communication as important or very important. Particularly, we found an even stronger concern about identity theft among e-mail users, as 78% of the participants want to make sure that no other person is able to write e-mail on their behalf.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations鈥揷itations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright 漏 2024 scite LLC. All rights reserved.
Made with 馃挋 for researchers
Part of the Research Solutions Family.