Users’ Privacy Attitudes towards the Use of Behavioral Biometrics Continuous Authentication (BBCA) Technologies: A Protection Motivation Theory Approach

Skalkos, Andreas; Stylios, Ioannis; Karyda, Maria; Kokolakis, Spyros

doi:10.3390/jcp1040036

Cited by 14 publications

(7 citation statements)

References 95 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The study also revealed differences in users' security requirements for different mobile applications, but it disregarded correlations to users' willingness to use CAuthN. The study by Skalkos et al [86] surveyed attitudes toward CAuthN of 778 users from the U.S. in a smartphone context. They found that privacy concerns had little to moderate effect on users' appraisals of the degree and likelihood of harm from the use of biometric systems.…”

Section: User Perceptionsmentioning

confidence: 99%

Internet Users' Willingness to Disclose Biometric Data for Continuous Online Account Protection: An Empirical Investigation

Dehling,

Tolsdorf,

Federrath

et al. 2024

PoPETs

View full text Add to dashboard Cite

Continuous authentication has emerged as a promising approach to increase user account security for online services. Unlike traditional authentication methods, continuous authentication provides ongoing security throughout the session, protecting against session takeover attacks due to illegitimate access. The effectiveness of continuous authentication systems relies on the continuous processing of users' sensitive biometric data. To balance security and privacy trade-offs, it's crucial to understand when users are willing to disclose biometric data for enhanced account security, addressing inevitable privacy concerns and user acceptance. To address this knowledge gap, we conducted an online study with 830 participants from the U.S., aiming to investigate user perceptions towards continuous authentication across different classes of online services. Our analysis identified four groups of biometric traits that directly reflect users' willingness to disclose them. Our findings demonstrate that willingness to disclose is influenced by both the specific biometric traits and the type of online service involved. User perceptions are strongly shaped by factors such as response efficacy, perceived privacy risks associated with the biometric traits, and concerns about the service providers' handling of such data. Our results emphasize the inadequacy of one-size-fits-all solutions and provide valuable insights for the design and implementation of continuous authentication systems.

show abstract

Section: User Perceptionsmentioning

confidence: 99%

Internet Users' Willingness to Disclose Biometric Data for Continuous Online Account Protection: An Empirical Investigation

Dehling,

Tolsdorf,

Federrath

et al. 2024

PoPETs

View full text Add to dashboard Cite

show abstract

“…In addition, Crossler et al (2013) argued that cyberspace self-protection research addresses primarily users in organizational settings as an important component of guaranteeing data security within organizations. Moreover, researchers have adapted the PMT to comprehend individual behaviors regarding the performance of several security measures (Dinev and Hu, 2007; Lee and Larsen, 2009; Johnston and Warkentin, 2010; Liang and Xue, 2010; Skalkos et al , 2021). As a matter of fact, Haag et al (2021) systematically presented and reviewed 67 PMT studies in the field of IS security and they compared their results with the application of PMT in psychology.…”

Section: Theoretical Backgroundmentioning

confidence: 99%

Exploring users’ attitude towards privacy-preserving search engines: a protection motivation theory approach

Skalkos,

Tsohou,

Karyda

et al. 2023

ICS

Self Cite

View full text Add to dashboard Cite

Purpose Search engines, the most popular online services, are associated with several concerns. Users are concerned about the unauthorized processing of their personal data, as well as about search engines keeping track of their search preferences. Various search engines have been introduced to address these concerns, claiming that they protect users’ privacy. The authors call these search engines privacy-preserving search engines (PPSEs). This paper aims to investigate the factors that motivate search engine users to use PPSEs. Design/methodology/approach This study adopted protection motivation theory (PMT) and associated its constructs with subjective norms to build a comprehensive research model. The authors tested the research model using survey data from 830 search engine users worldwide. Findings The results confirm the interpretive power of PMT in privacy-related decision-making and show that users are more inclined to take protective measures when they consider that data abuse is a more severe risk and that they are more vulnerable to data abuse. Furthermore, the results highlight the importance of subjective norms in predicting and determining PPSE use. Because subjective norms refer to perceived social influences from important others to engage or refrain from protective behavior, the authors reveal that the recommendation from people that users consider important motivates them to take protective measures and use PPSE. Research limitations/implications Despite its interesting results, this research also has some limitations. First, because the survey was conducted online, the study environment was less controlled. Participants may have been disrupted or affected, for example, by the presence of others or background noise during the session. Second, some of the survey items could possibly be misinterpreted by the respondents in the study questionnaire, as they did not have access to clarifications that a researcher could possibly provide. Third, another limitation refers to the use of the Amazon Turk tool. According Paolacci and Chandler (2014) in comparison to the US population, the MTurk workers are more educated, younger and less religiously and politically diverse. Fourth, another limitation of this study could be that Actual Use of PPSE is self-reported by the participants. This could cause bias because it is argued that internet users’ statements may be in contrast with their actions in real life or in an experimental scenario (Berendt et al., 2005, Jensen et al., 2005); Moreover, some limitations of this study emerge from the use of PMT as the background theory of the study. PMT identifies the main factors that affect protection motivation, but other environmental and cognitive factors can also have a significant role in determining the way an individual’s attitude is formed. As Rogers (1975) argued, PMT as proposed does not attempt to specify all of the possible factors in a fear appeal that may affect persuasion, but rather a systematic exposition of a limited set of components and cognitive mediational processes that may account for a significant portion of the variance in acceptance by users. In addition, as Tanner et al. (1991) argue, the ‘PMT’s assumption that the subjects have not already developed a coping mechanism is one of its limitations. Finally, another limitation is that the sample does not include users from China, which is the second most populated country. Unfortunately, DuckDuckGo has been blocked in China, so it has not been feasible to include users from China in this study. Practical implications The proposed model and, specifically, the subjective norms construct proved to be successful in predicting PPSE use. This study demonstrates the need for PPSE to exhibit and advertise the technology and measures they use to protect users’ privacy. This will contribute to the effort to persuade internet users to use these tools. Social implications This study sought to explore the privacy attitudes of search engine users using PMT and its constructs’ association with subjective norms. It used the PMT to elucidate users’ perceptions that motivate them to privacy adoption behavior, as well as how these perceptions influence the type of search engine they use. This research is a first step toward gaining a better understanding of the processes that drive people’s motivation to, or not to, protect their privacy online by means of using PPSE. At the same time, this study contributes to search engine vendors by revealing that users’ need to be persuaded not only about their policy toward privacy but also by considering and implementing new strategies of diffusion that could enhance the use of the PPSE. Originality/value This research is a first step toward gaining a better understanding of the processes that drive people’s motivation to, or not to, protect their privacy online by means of using PPSEs.

show abstract

“…personality variables, prior experience) that lead to the cognitive mediating processes categorized as threat appraisal and coping appraisal, which determines adaptive (to protect self/others) or maladaptive (not to protect) coping modes (Floyd et al, 2000;Rogers, 1975). PMT is an important framework for studying the role of influential factors such as privacy concerns, trust in technology or personal innovativeness in building behavioral intention toward the adoption of IoT devices and their subsequent usage (Skalkos et al, 2021;AlHogail, 2018). Threat appraisal is based on how severe the threat is and the possibility of its actual occurrence.…”

Section: Ics 305mentioning

confidence: 99%

Do desire, anxiety and personal innovativeness impact the adoption of IoT devices?

Bhadauria

Chennamaneni²

2022

ICS

View full text Add to dashboard Cite

Purpose This study aims to investigate the threat phenomenon as perceived by Internet of Things (IoT) users and examines the role of anxiety, desire and personal innovativeness in the behavioral intention toward the usage of IoT devices. Design/methodology/approach A unified research model is developed based on the protection motivation theory, theory of reasoned action, theory of self-regulation and the review of relevant theoretical, empirical and practitioner literature. Data were collected from 315 assistive IoT device users and analyzed using partial least squares structural modeling. Findings The results indicate strong support for the proposed research model. All relationships, except one, were significant at the 0.05 level. Desire was found to play a direct as well as a moderating role between fear and behavioral intention to continue using assistive IoT devices, which was also directly influenced by anxiety and personal innovativeness. Research limitations/implications Understanding the security behaviors of IoT users will help researchers and practitioners develop preventive measures and robust security solutions for the IoT devices to avert any threats from cyber-attacks and to boost users’ confidence levels. Future research will benefit from replicating the study using longitudinal data. Originality/value This study is one of the first studies that integrate multiple perspectives to present a holistic research model. To the authors’ knowledge, anxiety, desire and personal innovativeness, key factors influencing fear and behavioral intention, have not been studied in the domain of adoption of IoT assistive devices. Additionally, the study offers a new dimension to IoT users’ security behaviors.

show abstract