A large-scale empirical study on android runtime-permission rationale messages

Xueqing Liu, Yue Leng, Wei Yang, Wenyu Wang, Chengxiang Zhai, Tao Xie

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

After Android 6.0 introduces the runtime-permission system, many apps provide runtime-permission-group rationales for the users to better understand the permissions requested by the apps. To understand the patterns of rationales and to what extent the rationales can improve the users' understanding of the purposes of requesting permission groups, we conduct a large-scale measurement study on five aspects of runtime rationales. We have five main findings: (1) less than 25% apps under study provide rationales; (2) for permission-group purposes that are difficult to understand, the proportions of apps that provide rationales are even lower; (3) the purposes stated in a significant proportion of rationales are incorrect; (4) a large proportion of customized rationales do not provide more information than the default permission-requesting message of Android; (5) apps that provide rationales are more likely to explain the same permission group's purposes in their descriptions than apps that do not provide rationales. We further discuss important implications from these findings

Original languageEnglish (US)
Title of host publicationProceedings - 2018 IEEE Symposium on Visual Languages and Human-Centric Computing, VL/HCC 2018
EditorsCaitlin Kelleher, Gregor Engels, Joao Paulo Fernandes, Jacome Cunha, Jorge Mendes
PublisherIEEE Computer Society
Pages137-146
Number of pages10
ISBN (Electronic)9781538642351
DOIs
StatePublished - Oct 23 2018
Event2018 IEEE Symposium on Visual Languages and Human-Centric Computing, VL/HCC 2018 - Lisbon, Portugal
Duration: Oct 1 2018Oct 4 2018

Publication series

NameProceedings of IEEE Symposium on Visual Languages and Human-Centric Computing, VL/HCC
Volume2018-October
ISSN (Print)1943-6092
ISSN (Electronic)1943-6106

Other

Other2018 IEEE Symposium on Visual Languages and Human-Centric Computing, VL/HCC 2018
CountryPortugal
CityLisbon
Period10/1/1810/4/18

Keywords

  • Android Security
  • Natural Language Processing
  • Rationale
  • Runtime Permission

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Human-Computer Interaction
  • Software

Fingerprint Dive into the research topics of 'A large-scale empirical study on android runtime-permission rationale messages'. Together they form a unique fingerprint.

Cite this