The Role of Social Influence In Security Feature Adoption Sauvik Das Carnegie Mellon University Adam Kramer Facebook, Inc. Laura Dabbish Carnegie Mellon University Jason Hong Carnegie Mellon University 1
The Role of Social Influence In Security Feature Adoption, at CSCW 2015
Jul 16, 2015
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
The Role of Social Influence In Security Feature Adoption
Sauvik Das
Carnegie Mellon University
Adam Kramer
Facebook, Inc.
Laura Dabbish
Carnegie Mellon University
Jason Hong
Carnegie Mellon University
1
Security Tools Needed
2Background
Today's user-facing security technology can prevent many of the security breaches average people experience.
With more and more of our lives being digitized and widely available online, the widespread awareness and use of security tools is becoming increasingly important.
Yet, many people are not aware of, do not have the motivation to use, or do not know how to use security tools.
What explains low security awareness and adoption?
3Background
Usability for the individual?
4Background
Our focus on usability has gotten us far. But security feature adoption remains lower than it could be.
What’s missing?
Usability beyond the individualHuman beings are social creatures, and the decisions we make about security and privacy should be viewed within the context of a social system.
5
Social Proof
6
We look to others for cues on how to act when we are uncertain.
7Background
Social proof can be used to increase security announcement click-throughs and security feature adoptions on Facebook (CCS 2014).
Social proof is a key catalyst for security related behavior change (SOUPS 2014).
Social proof against security
8Background
Prior work presents social proof at its best: when a behavior change was actually made made or when proof of widespread adoption was made explicit. What about at its worst?
But if social proof is so great, why does security feature awareness and adoption remain low?
Social proof against security
9Background
Security features are preventative and intrusive.
Thus, early adopters tend to be either security experts, people with a clear reason (e.g., it’s their job), or people who others perceive as “nutty” (Das et al., ’14) or paranoid (Gaw et al. ’06).
Early adopters could create some level of “brand disenfranchisement” on security tools—i.e., lay people could develop an illusory correlation between use of a security tool and the “attributes” of its early adopters.
Social influence could have either a positive or a negative effect on security feature adoption.
10Background
Research Questions
11
What affects the directionality and magnitude of the effect of social influence on security feature adoption?
Operationalized Parameter Space
12Research Questions
P1. The current rate of feature adoption among one’s friends.
P2. The number of distinct social circles those friends come from.
P3. The design attributes of a security tool it self.
Social Proof Parameter Space
13Research Question
The more existing adopters an observer can see, the stronger the effect. But, negative effect at low levels of adoption & positive effect at high levels of adoption.
The more social circles an observer believes existing adopters come from, the stronger the effect (e.g., a friend and a co-worker should have a stronger effect than two co-workers).
The more observable and socially inclusive a security feature, the stronger the effect.
Social Proof Parameter Space
14Research Question
The more existing adopters an observer can see, the stronger the effect. But, negative effect at low levels of adoption & positive effect at high levels of adoption.
The more social circles an observer believes existing adopters come from, the stronger the effect (e.g., a friend and a co-worker should have a stronger effect than two co-workers).
The more observable and socially inclusive a security feature, the stronger the effect.
Methodology
15
16Summary
We analyzed whether and how the adoption of three Facebook security features propagated through people’s social networks.
Login Notifications Login Approvals Trusted Contacts
Data Collection - Sample
17Background
For 12 days in late 2013, we selected a random subset of 250,000 people who newly adopted one of the aforementioned features.
For each day and feature, we also selected a random subset of 250,000 people who never adopted one of the aforementioned features.
In total, we had 250,000 people x 3 features x 2 usage states (uses / not uses) = 1,500,000 people.
Analysis Method
18Background
Can’t just stick in a logistic regression: - will not measure non-linearities in relationship between
collected variables and likelihood to adopt a feature. - correlational; confounds homophily with social
influence.
With observational data, how can we distinguish homophily from social influence?
Matched Propensity Sampling
19Background
Analytic technique developed by Aral et al. (2012).
Matched Propensity Sampling
20Background
Analytic technique developed by Aral et al. (2012).
1. Specify exposure levels along independent variable we believe is a proxy for the effect of “social influence” (i.e., percent of friends who have adopted a feature). Make exposure at different levels a binary variable (exposed or not).
% friends who use Login Notifications
E1 E2 E3 E4 E5
2.0 7.3 10.0 12.3 15.1
Matched Propensity Sampling
21Background
2. For each exposure level, calculate “propensity” that each user is exposed at that level, conditioned on a set of covariates thought to account for homophily.
DV: Exposed or not IV: Age, gender, etc.
Logistic Regression
Exposure Propensity Score
Data Collection - Covariates
22Background
Demographics Behavioral Friend Composition
Age Posts created & deleted Friend count
Gender Comments created & deleted Friend age mean
Account age Likes Friend age variance
Days active in last 30 Friends added & removed Percent male friends
Photos added Mean friends’ account age
Videos addedMean friends of friends count
Matched Propensity Sampling
23Background
3. For each exposure level, pair people with similar propensity scores. One should be exposed, the other should not be exposed. Compare the adoption rate between the exposed and unexposed.
Exposed Unexposed
Results
24
Expectations
25Research Questions
The more existing adopters an observer can see, the stronger the effect. But, negative effect at low levels of adoption & positive effect at high levels of adoption.
Perc
ent A
dopt
ed F
eatu
re
Exposure to feature adopting friendsE1 E2 E3 E4 E5
Unexposed Exposed
26Results
Login NotificationsPe
rcen
t Ado
pted
Fea
ture
0
22.5
45
67.5
90
Exposure to feature adopting friendsE1 (>2.0%) E2 (>7.3%) E3 (>10.0%) E4 (>12.3%) E5 (>15.1%)
Unexposed Exposed
All differences significant at p = 2e-16
27Results
Login NotificationsPe
rcen
t Ado
pted
Fea
ture
0
25
50
75
100
Exposure to feature adopting friendsE1 (>2.0%) E2 (>7.3%) E3 (>10.0%) E4 (>12.3%) E5 (>15.1%)
Unexposed Exposed
Critical Threshold
28Results
Login ApprovalsPe
rcen
t Ado
pted
Fea
ture
0
22.5
45
67.5
90
Exposure to feature adopting friendsE1 (>0.2%) E2 (>0.8%) E3 (>1.3%) E4 (>1.8%) E5 (>2.7%)
Unexposed Exposed
Critical Threshold
All differences significant at p = 2e-16
29Results
Trusted ContactsPe
rcen
t Ado
pted
Fea
ture
0
22.5
45
67.5
90
Exposure to feature adopting friendsE1 (>0.1%) E2 (>0.4%) E3 (>0.7%) E4 (>1.1%) E5 (>2.0%)
Unexposed Exposed
All differences significant at p = 2e-16
Differences across features
30Summary
The design of a security tool affects how amenable it is to social spread.
Security tools that are more observable and socially inclusive are more likely to be positively affected by social.
31Results
Similarities across featuresEx
pose
d -
Unex
pose
d Ad
optio
n Ra
te
-50
-37.5
-25
-12.5
0
12.5
25
37.5
50
Exposure to feature adopting friendsE1 E2 E3 E4 E5
Login Approvals Login Notifications Trusted Contacts
Critical Threshold
Summary & Conclusion
32
33Summary
We analyzed whether and how the adoption of three Facebook security features propagated through people’s social networks.
Login Notifications Login Approvals Trusted Contacts
34Summary
Key finding Social influence does appear to affect security feature adoption. But, the magnitude and directionality of its effect depend on:
Current level of adoption among one’s friends.
The attributes of the security tool, itself.
Implications
35Summary
Our work offers a social lens that helps explain why and how many security features live in obscurity despite providing an important service.
Social influence plays a significant role in both driving and inhibiting the adoption of security features, and the design of a security feature affects its social spread.
Security features should be designed to be more observable and socially inclusive to maximize social spread.
Take-aways
36
The Role of Social Influence In Security Feature Adoption
Sauvik Das [[email protected]]
Carnegie Mellon University
1. Social influence plays a significant role in driving or inhibiting security feature adoptions.
2. More feature-adopting friends predicts for lower likelihood of feature adoption below a critical threshold; higher above.
3. Security features that are more observable and socially inclusive are more amenable to social spread.
Related Documents
![[ CSCW ] Computer Supported Cooperative Work](https://static.cupdf.com/doc/110x72/56813de5550346895da7bc65/-cscw-computer-supported-cooperative-work.jpg)
