InfoSec Seminar: Device Purchase as an Opportune Moment for Security Behavior Change / Perceptions and Reality of Windows 10 Home Edition Update Features

Speaker: Simon Parkin

Date/Time: 14-Feb-2019, 16:00 UTC

Venue: Robert 3.09



I will be discussing two recent user studies in security. In the first, we explore how an exemplar, positive experience -- buying a new device -- can serve as a "security trigger moment". Through in-situ interviews with customers (n=85) and sales staff (n=21) across four branches of a major UK retailer, we characterise the potential for behavior change during device purchase. Rather than assuming that users are always ready for an intervention, we explore how the abilities and motivations of users and sales staff can influence the power of a security trigger moment to drive behavior change. The second study investigates the appropriateness of features for managing updates on Windows 10 Home edition for computer owners. We build a model of Windows 10 update behaviour to identify interaction points between the update system and the users. We contrast this with a survey with 93 participants. While overall perceptions of updates were positive, the pattern of use of almost all participants was incompatible with the default setting of the 'active hours' feature. Half of our participants report unexpected restarts, while half also reported growing concern about the state of their device if an update took a long time. Participants who had previous negative experiences had weaker beliefs about their ability to control updates than those who had not.


Simon Parkin conducts research into the usability of security technologies, articulating tensions between security and other concerns (such as productivity). Simon complements collaboration with larger organisations with examination of security management activities in small businesses and charities, as well as for home users. Following completion of his PhD at Newcastle University in 2007, he was a Research Associate on the inter-disciplinary Trust Economics project through to 2011, moving to the Innovation Team at HP Enterprise Security Services until mid-2012, before joining UCL.

Add to Calendar

This page was last modified on 27 Mar 2014.