@inproceedings{9fa34321df034015b44e856a8e889952,
title = "A large-scale empirical study on android runtime-permission rationale messages",
abstract = "After Android 6.0 introduces the runtime-permission system, many apps provide runtime-permission-group rationales for the users to better understand the permissions requested by the apps. To understand the patterns of rationales and to what extent the rationales can improve the users' understanding of the purposes of requesting permission groups, we conduct a large-scale measurement study on five aspects of runtime rationales. We have five main findings: (1) less than 25% apps under study provide rationales; (2) for permission-group purposes that are difficult to understand, the proportions of apps that provide rationales are even lower; (3) the purposes stated in a significant proportion of rationales are incorrect; (4) a large proportion of customized rationales do not provide more information than the default permission-requesting message of Android; (5) apps that provide rationales are more likely to explain the same permission group's purposes in their descriptions than apps that do not provide rationales.",
keywords = "Android Security, Natural Language Processing, Rationale, Runtime Permission",
author = "Xueqing Liu and Yue Leng and Wei Yang and Wenyu Wang and Chengxiang Zhai and Tao Xie",
note = "Publisher Copyright: {\textcopyright} 2018 IEEE.; 2018 IEEE Symposium on Visual Languages and Human-Centric Computing, VL/HCC 2018 ; Conference date: 01-10-2018 Through 04-10-2018",
year = "2018",
month = oct,
day = "23",
doi = "10.1109/VLHCC.2018.8506574",
language = "English (US)",
series = "Proceedings of IEEE Symposium on Visual Languages and Human-Centric Computing, VL/HCC",
publisher = "IEEE Computer Society",
pages = "137--146",
editor = "Caitlin Kelleher and Gregor Engels and Fernandes, {Joao Paulo} and Jacome Cunha and Jorge Mendes",
booktitle = "Proceedings - 2018 IEEE Symposium on Visual Languages and Human-Centric Computing, VL/HCC 2018",
}