Conference Paper

Trusting smartphone Apps? To install or not to install, that is the question

Authors:
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

Smartphones are becoming the mobile hubs of information for many people and companies. What started as a way to provide users with the flexibility of installing small software components called Apps to enhance the usability of their phone has grown into a global market with hundreds of thousands of applications built by thousands of developers. However, while there are plenty of well established companies developing useful applications or entertaining games there is no easy way to differentiate them from companies that put users at risk or worse are directly distributing malware or spyware. One attribute that is often used in distinguishing “good” Apps from “bad” ones are their ratings. Nevertheless, research has shown that this can prove to be an unreliable metric, especially in cases with low rating counts. Reviews are also supposed to provide the user with an assessment of an App's trustworthiness by real people. However, fake reviews written by collaborators of the developer or the developer himself are common to boost an App's ranking. How is the average user able to distinguish between real and fake reviews? Finally, Apps run inside a security sandbox and need permissions to interact with the smartphone and the data stored on it. The problem is that users are usually not aware of what specific permissions mean or why they need to be granted. In this paper we present a trustworthiness assessment model for Apps that takes into consideration these factors as well as others to provide the user with an indication of whether an App can be trusted and if so why. Furthermore, the model incorporates various relations between Apps and we discuss whether or not they should have an impact on the individual App's assessment. The research demonstrates that in order to make a decision to install an App one has to consider more than just App information and look into its associated meta data as well.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

... 3) Assessment of Trustworthiness factors: In this section, we discuss the metrics leveraged to assess specific trustworthiness factors in this paper. a) Ratings: Kuehnhausen et al. [27] proposed a metric to assess the confidence (certainty) of the ratings ("Star" ratings) associated with mobile applications. The metric considers different types of rating distributions in order to calculate the confidence value of the ratings. ...
... As a result, reviews are a valuable additional surce of information, along with star ratings. Kuehnhausen et al. [27] proposed a metric to analyze the sentiments in the review text. Sentiment analysis can be used to assess the confidence (certainty) in the review text associated with a star rating. ...
... Our server prototype and mobile App are open source and available in github 5 . In this section, we evaluate our Trust4App framework, comparing it with the state-of-the-art trustworthiness calculation framework of [27], namely trust + with respect to the provided features. Then, we show how our framework is able to provide improved trustworthiness scores to the users compared to trust + . ...
... Android, BlackBerry, iOS, Windows Mobile and Windows Phone) [227]. Articles on Risk Ranking describe the danger levels of smartphone apps and focus on the utilisation of a security distance model to extend security enforcement in Android smartphones [228], the development of a trustworthy security assessment model for different apps [229], the development of a malware detection model for smartphones based on an artificial immune system [230] and the construction of a framework that allows users to install apps in either the trusted or probation mode [231]. ...
... To maintain the safety and security of these marketplaces, people have begun to demand for mechanisms or systems that can guarantee the security of smartphone users. Meanwhile, other users have underscored the importance of maintaining the rapid increase in the number of smartphone users and apps and safeguarding the simple designs and customisations of OS marketplaces from malware and other threats that compromise the privacy of users; these mechanisms or systems protect the downloaded apps from common rooting, malware and spyware circulation as well as guarantee the safety of the users' personal and financial information [64,72,92,100,160,176,229,231]. ...
... Therefore, individuals and corporations must deal with information security issues on their own. Smartphone users frequently ignore security risks, click on pop-up windows and ignore the permission requirements of certain software, all of which explain why many smartphones have been infected with viruses [38,91,159,229]. These users are also unaware of the purpose of these permissions or why they must be granted. ...
Article
Full-text available
The new and disruptive technologies for ensuring smartphone security are very limited and largely scattered. The available options and gaps in this research area must be analysed to provide valuable insights about the present technological environment. This work illustrates the research landscape by mapping the existing literature to a comprehensive taxonomy with four categories. The first category includes review and survey articles related to smartphone security. The second category includes papers on smartphone security solutions. The third category includes smartphone malware studies that examine the security aspects of smartphones and the threats posed by malware. The fourth category includes ranking, clustering and classification studies that classify malware based on their families or security risk levels. Several smartphone security apps have also been analysed and compared based on their mechanisms to identify their contents and distinguishing features by using several evaluation metrics and parameters. Two malware detection techniques, namely, machine-learning-based and non-machine-learning-based malware detection, are drawn from the review. The basic characteristics of this emerging field of research are discussed in the following aspects: (1) motivation behind the development of security measures for different smartphone operating system (Oss), (2) open challenges that compromise the usability and personal information of users and (3) recommendations for enhancing smartphone security. This work also reviews the functionalities and services of several anti-malware companies to fully reveal their security mechanisms, features and strategies. This work also highlights the open challenges and issues related to the evaluation and benchmarking of malware detection techniques to identify the best malware detection apps for smartphones.
... Given the potential perils of in-app purchases, permissions, permission groups and malware, consumers need guidance when purchasing apps. Previous research has shown that consumers do not fully understand permissions (Kelly et al., 2012;Kuehnhausen and Frost, 2013), and that many consumers look at an app's star ratings as a gauge of quality (Harris et al., 2015), even though star ratings do not necessarily indicate app safety (Kuehnhausen and Frost, 2013). Other research has suggested that consumers should investigate app developers in an attempt to locate quality developers and, in turn, find quality apps (IC3, 2012). ...
... Given the potential perils of in-app purchases, permissions, permission groups and malware, consumers need guidance when purchasing apps. Previous research has shown that consumers do not fully understand permissions (Kelly et al., 2012;Kuehnhausen and Frost, 2013), and that many consumers look at an app's star ratings as a gauge of quality (Harris et al., 2015), even though star ratings do not necessarily indicate app safety (Kuehnhausen and Frost, 2013). Other research has suggested that consumers should investigate app developers in an attempt to locate quality developers and, in turn, find quality apps (IC3, 2012). ...
... No upfront explanation was given as to what would cost $99.99 or how often it could be purchased. Consistent with prior research (Kuehnhausen and Frost, 2013), this app demonstrates how app ratings do not correlate with security and privacy. This app included excessive permission requests and should be avoided. ...
Article
Full-text available
Abstract Purpose – This paper aims to investigate Google’s top developers’ apps with trust badges to see if they warrant an additional level of trust and confidence from consumers, as stated by Google. Design/methodology/approach – Risky app permissions and in-app purchases (IAP) from Google’s top developers and traditional developers were investigated in several Google Play top app categories, including Editor’s Choice apps. Analysis was performed between categories and developer types. Findings – Overall, Google’s top developers’ apps request more risky permissions and IAP than do traditional developers. Other results indicate that free apps are more dangerous than paid apps and star ratings do not signify safe apps. Research limitations/implications – Because of a limited number of Google’s top developers and Editor’s Choice apps, conclusions are drawn from a small sample of apps and not the entire market. Practical implications – Google’s top developers’ apps are suited well for increasing revenue for Google and developers at the consumer’s expense. Consumers should be wary of top developer trust badges. Social implications – As the lure for “top free” and “top developer” software is strong among consumers, this research contributes to societal welfare in that it makes consumers aware that Google top developer app trust badges and free apps are more dangerous than traditional developer and paid apps, as they request risky permissions at a much higher frequency. Therefore, consumers should be very careful when downloading apps that are advertised as “top free” or “top developer”. Originality/value – Google’s top developers’ apps and Editors’ Choice apps have not been investigated from the perspective of permissions and IAP before.
... "Currently available reviews of mHealth apps have largely focused on personal impressions, rather than evidence-based, unbiased assessments of clinical performance and data security" (Powell et al., 2014a). On diligent scrutiny, many healthcare apps fail reasonable safety criteria (Nicholas et al., 2015;Kuehnhausen & Frost, 2013). Indeed, systematic reviews of mobile healthcare apps have found crippling defects in nearly every app studied (Nicholas et al., 2015;Chen et al., 2015;Lamichhane & Armstrong, 2015). ...
... com/webstore/)-retrieve a large and unwieldy set of apps in response to general search terms (Shen et al., 2015), contributing to a clinician's "healthapp overload" (van Vesen et al., 2013;Farag et al., 2016) from the over 165,000 health apps publically available (Reynolds et al., 2015). The descriptions, popularity statistics, and user reviews posted for each app retrieved on "store" outlets may be all that a clinician takes time to consider, but these data are insufficient to clarify which apps are worth looking into and certainly are not a reliable basis for bringing an app into clinical use (Nicholas et al., 2015;Kuehnhausen & Frost, 2013;Girardello & Michahelles, 2010;Huguet et al., 2016;Zaidan & Roehrer, 2016). Improving search functionality alone has little prospect of incremental benefit for clinicians, for patients, for carers, or for the general consumer (Lorence & Greenberg, 2006). ...
Article
Full-text available
The inadequacy of infrastructure for bringing mobile healthcare apps from developers to clinical practitioners has kept the 165,000+ currently available healthcare apps from integration into routine clinical practice. The absence of regulatory and certification processes and the unlikelihood that many apps will be tested with credible clinical trials leaves it up to expert reviews to lead clinicians to high-quality apps. However, most app reviews are not collected in an easily searchable location that facilitates comparison of the merits of alternative apps, and surveys of existing expert reviews reveal a lack of standards for objective and reliable assessments. Furthermore, most published recommendations for apps are not based on their validity or appropriateness for clinical use.This article describes development of the Interactive Mobile App Review Toolkit (IMART), a technology-assisted system for producing verifiable app reviews intended for clinicians and its accompanying evidence-based thesaurus of standards. IMART will present systematized reviews in a searchable, curated library where clinicians can find and compare reviews about apps that are tagged as to the treatment needs of clients/patients and that address how the apps could be integrated into the visitor’s clinical practice.The assessment criteria in the “Digital Health Standards Thesaurus” can be used in reviewing apps and other digital health products, in developing apps, in making decisions about investing venture capital or foundation funds into concepts for new digital health products, and in selecting such products into the “formularies” of third party payers.
... For commercial organizations, online reviews are a new element in marketing communication mix and can perform the role of salespersons, as reviews help customers in identifying products that perfectly suit their needs and conditions (Chen and Xie 2008). The usefulness of reviews for customers is grounded on the notion that users associate reviews with recommendations from real people (Kuehnhausen and Frost 2013). ...
... Reviews of mobile apps enable users to promote an app they are satisfied with or to send warnings about an app's limitations to potential users (Vasa et al. 2012). For people without any experience with an app, reviews about it are valuable sources for users' decision to download that app, as those reviews are critical for evaluating the app's quality (Burgers et al. 2016;Kuehnhausen and Frost 2013) and desirability (Burgers et al. 2016). ...
Article
Full-text available
Online reviews can make or break a mobile app. Various studies have shown that reviews, especially when their valence is primarily positive, can contribute to the survival of a particular app in a stiffly competitive market. Hence, it is in the best interest of app developers to gain insights into the motivations of app users to review apps they have used. To address the question on the factors influencing people’s intention to write reviews for apps, an extended version of the Theory of Planned Behavior (with the inclusion of various writing functions as predictors) was tested with data from 203 German mobile app users. Results of structural equation modeling reveal that people’s intention to review certain apps is a function of four factors, namely their attitude towards writing reviews, subjective norm, and review writing’s ego-defensive and emotional expression functions. Furthermore, both review writing’s ego-defensive and emotional expression functions positively influence app users’ attitude towards writing reviews.
... Researchers have long studied the factors that influence the trustworthiness of mobile apps in online stores. Because of that, numerous frameworks have been proposed to assess their trustworthiness [14], risk [15], quality and suspicious behavior [16,17]. Determining the removability of mobile apps from the App stores is a challenging problem because there are numerous potential reasons as to why mobile applications get removed from these stores. ...
... Researchers have long studied the factors that influence the trustworthiness of mobile applications in online stores. For example, Kuehnhausen and Victor [14] proposed a trustworthy model for mobile applications based on various factors, namely ratings, permissions, reviews and the relationships between applications. However, the number of features that were used in building the model is relatively small. ...
Preprint
Full-text available
Mobile app stores are the key distributors of mobile applications. They regularly apply vetting processes to the deployed apps. Yet, some of these vetting processes might be inadequate or applied late. The late removal of applications might have unpleasant consequences for developers and users alike. Thus, in this work we propose a data-driven predictive approach that determines whether the respective app will be removed or accepted. It also indicates the features' relevance that help the stakeholders in the interpretation. In turn, our approach can support developers in improving their apps and users in downloading the ones that are less likely to be removed. We focus on the Google App store and we compile a new data set of 870,515 applications, 56% of which have actually been removed from the market. Our proposed approach is a bootstrap aggregating of multiple XGBoost machine learning classifiers. We propose two models: user-centered using 47 features, and developer-centered using 37 features, the ones only available before deployment. We achieve the following Areas Under the ROC Curves (AUCs) on the test set: user-centered = 0.792, developer-centered = 0.762.
... Además, las calificaciones con estrellas de las aplicaciones, usadas por estos sitios, brindan información subjetiva de calidad y producen poca o ninguna información significativa [5]. Las investigaciones demuestran que estas calificaciones resultan ser una métrica poco fiable [6]. Aparte de la búsqueda en sitios web y en las tiendas de aplicaciones, los padres y terapeutas deben considerar qué competencias específicas desean mejorar en las personas con autismo. ...
... Por otro lado, en las tiendas de aplicaciones solo existen las calificaciones con estrellas [49] que son subjetivas, se basan en la popularidad y producen poca o ninguna información significativa [5]. Varios estudios han demostrado que estas calificaciones son una métrica poco fiable [6], [49]. ...
Thesis
Full-text available
Access to technology in education is essential for the development of students abilities and skills since it allows improving educational processes. People with autism have a natural affinity to work with Information and Communication Technologies; however, information on the purpose and quality of such applications is scarce. The objective of this work was to perform a review and evaluation of web apps for people with autism. The quality of 69 web apps was evaluated using the Mobile App Rating Scale (MARS) model. The review was performed on a set of free apps from the developers websites Doctor TEA and Pictoaplicaciones. 69 apps were evaluated and classified according to the competences of life defined by Wikinclusion. Most web apps are focused on the competences: natural and social environment, and autonomy, sensorimotor and social skills. Through the IBM SPSS Statistics program, the internal consistency between the categories and subcategories of MARS was analyzed. The average score of the MARS categories obtained good reliability which means there is a high consistency in the measurements performed by app testers. 26 apps obtained a MARS score greater than 4, which means they have acceptable quality. To conclude, this work presents a list of web applications with their respective quality scores, as well as a brief description of them. The list can help parents and therapists from INSFIDIM and other institutions in Ecuador who work with people with autism to select quality apps focused on specific competencies, avoiding loss of time when performing searches based on subjective criteria.
... Given the rapid proliferation of smart phone apps, it is increasingly difficult for users, health professionals, and researchers to readily identify and assess high quality apps [5]. Little information on the quality of apps is available, beyond the star ratings published on retailers' Web pages, and app reviews are subjective by nature and may come from suspicious sources [6]. Selecting apps on the basis of popularity yields little or no meaningful information on app quality [7]. ...
... Nevertheless, the iTunes App Store star ratings available on 15 of the 50 mental health apps rated were only moderately correlated with the MARS total score. This was unsurprising; given the variable criteria likely to be used by different raters, the subjective nature of these ratings, and the lack of reliability of the iTunes star ratings, as has been highlighted in previous research [6]. In addition, the MARS overall star rating score was only moderately correlated with the iTunes App Store star rating. ...
Article
Full-text available
The use of mobile apps for health and well being promotion has grown exponentially in recent years. Yet, there is currently no app-quality assessment tool beyond "star"-ratings. The objective of this study was to develop a reliable, multidimensional measure for trialling, classifying, and rating the quality of mobile health apps. A literature search was conducted to identify articles containing explicit Web or app quality rating criteria published between January 2000 and January 2013. Existing criteria for the assessment of app quality were categorized by an expert panel to develop the new Mobile App Rating Scale (MARS) subscales, items, descriptors, and anchors. There were sixty well being apps that were randomly selected using an iTunes search for MARS rating. There were ten that were used to pilot the rating procedure, and the remaining 50 provided data on interrater reliability. There were 372 explicit criteria for assessing Web or app quality that were extracted from 25 published papers, conference proceedings, and Internet resources. There were five broad categories of criteria that were identified including four objective quality scales: engagement, functionality, aesthetics, and information quality; and one subjective quality scale; which were refined into the 23-item MARS. The MARS demonstrated excellent internal consistency (alpha = .90) and interrater reliability intraclass correlation coefficient (ICC = .79). The MARS is a simple, objective, and reliable tool for classifying and assessing the quality of mobile health apps. It can also be used to provide a checklist for the design and development of new high quality health apps.
... App stores provide star ratings that may be artificially inflated and user reviews that are subjective by nature. 10 Thus, there is a need for the continuous quality review and evaluation of health apps to help consumers and researchers navigate the mHealth space. [11][12][13] In recent years, scientific publications reviewing the quality of health apps have proliferated 14,15 ; however, those reviews are addressed predominantly to the scientific community and offer limited accessibility to the public. ...
Article
Full-text available
Objective: While the professional version of the Mobile App Rating Scale (MARS) has already been translated, and validated into the Spanish language, its user-centered counterpart has not yet been adapted. Furthermore, no other similar tools exist in the Spanish language. The aim of this paper is to adapt and validate User Version of the MARS (uMARS) into the Spanish language. Materials and methods: Cross-cultural adaptation, translation, and metric evaluation. The internal consistency and test-retest reliability of the Spanish version of the uMARS were evaluated using the RadarCovid app. Two hundred and sixteen participants rated the app using the translated scale. The app was then rated again 2 weeks later by 21 of these participants to measure test-retest reliability. Results: No major differences were observed between the uMARS original and the Spanish version. Discrimination indices (item-scale correlation) obtained appropriate results for both raters. The Spanish uMARS presented with excellent internal consistency, α = .89 and .67 for objective and subjective quality, respectively, and temporal stability (r > 0.82 for all items and subscales). Discussion: The Spanish uMARS is a useful tool for health professionals to recommend high-quality mobile apps to their patients based on the user's perspective and for researchers and app developers to use end-user feedback and evaluation, to help them identify highly appraised and valued components, as well as areas for further development, to continue ensuring the increasing quality and prominence of the area of mHealth. Conclusion: uMARS Spanish version is an instrument with adequate metric properties to assess the quality of health apps from the user perspective.
... Beyond ratings with stars that are subjective based on popularity and producing little or no meaningful information [16]. Research has shown that these qualifications may result to be an unreliable metric [17]. The only specific and reliable quality rate tool for mobile health apps providing a multidimensional measure is Mobile App Rating Scale (MARS) [15]. ...
... Technology-generated ratings may work like a virus scanner by looking for suspicious patterns in the app [10] or by comparing the app to known malware. The algorithm may incorporate user feedback and permissions use to assign a trustworthiness metric, as proposed by Kuehnhausen and Frost [11]. In another automated method, software examines the functionality of an app and compares it to the functionally of other known apps [12]. ...
Conference Paper
Mobile application (app) stores are a critical source of information about risk in an uncertain environment. App stores ought to assess and communicate the risk associated with an installation so that users are discouraged from installing risky or harmful apps in app stores. However, only a limited number of studies offer designers information about how to communicate risk effectively. We focused on the user’s trust associated with security information stemming from crowd-sourced evaluations compared to those generated from an automated system. Both of these sources of security information are pervasively used to indicate possible risk associated with an app. We investigated whether biases exist for a particular source of information given similar amount of security information being available. We found that participants preferred to install apps rated by automation to those rated by humans despite equivalence in stated risk. Further, we found evidence of a gender difference in trust in automation.
... However, user reviews are known to be subjective and unreliable and app popularity is not strongly associated with app quality. 30,31 Therefore, there is little information beyond the star rating system and user reviews, which do not serve as reliable indicators of the evidence base for the strategies suggested within the app. ...
Article
Background: Mobile health medication reminder apps may be a useful supplement to traditional adherence-promotion interventions for pediatric chronic illness populations because they can give real-time reminders and provide education and promote behavior modification (components known to enhance adherence in traditional interventions) in an engaging and developmentally acceptable way. Moreover, apps have the potential to be used by youth and parents, an important consideration given that shared involvement in condition management is associated with better adherence. Introduction: This study evaluated the content and usability of existing medication reminder apps operating on the Apple platform. Materials and methods: Two researchers coded 101 apps on 15 desirable reminder, educational, and behavioral modification features. Usability testing was conducted with the subset of apps (n = 8) that had the greatest number of content features using a validated measure. Results: Apps contained an average of 4.21 of 15 content features, with medication reminder features being more common than either educational or behavioral modification features. Apps most commonly included a medication name storage feature (95%), a time-based reminder feature (87%), and a medication dosage storage feature (68%). Of the eight apps that had the highest number of content features, Mango Health, myRX Planner, and MediSafe evidenced the highest usability ratings. No apps identified were specifically designed for pediatric use. Discussion: Most apps lacked content known to be useful in traditional pediatric adherence-promotion interventions. Greater attention to educational and behavioral modification features may enhance the usefulness of medication reminder apps for pediatric groups. Conclusion: Collaborations between behavioral medicine providers and app developers may improve the quality of medication reminder apps for use in pediatric populations.
... Furthermore, app stores provide information such as the number of times an app has been downloaded and user reviews or scores to help people choose which apps to download. However, people often delete downloaded apps that they are dissatisfied with, and reviews are optional and subjective [18][19][20]. Moreover, app descriptions do not generally contain advice or safety information to serve as tools for medical care, and the quality of these apps is not guaranteed [21,22]. ...
Article
Full-text available
Objectives: The purpose of this study was to explore the use of mobile applications about pregnancy, birth, and child care among pregnant women and to review the characteristics, contents, and credibility of the applications used by these women. Methods: This study was cross-sectional and was conducted using a survey method. One hundred and ninety-three pregnant women participated in this study. The questionnaire was developed to examine the pattern and reasons for pregnancy-related application usage. The 47 mobile apps used by participants were reviewed and categorized based on functions and developers. The credibility of the information provided by the mobile applications was evaluated using a structured measurement. Results: Fifty-five percent of the participants were using mobile apps related to pregnancy, birth, and/or child care. First-time mothers used the apps significantly more often than women who were pregnant for the second time. Women who had used a smartphone for a longer period of time were more likely to use apps related to pregnancy, birth, and/or child care. The most frequently-used information concerned signs of risk and disease during pregnancy. Experts' quick opinions and Q&A formats related to diet and medication administration during pregnancy were the women's most cited need for content in applications. Information was the most common function of the apps. In the evaluation of information credibility, the 'information source' category had the lowest score. Conclusions: The results showed that applications related to pregnancy, birth, and child care have become an important information source for pregnant women. To fulfill the needs of users, credible applications related to pregnancy, birth, and child care should be developed and managed by qualified healthcare professionals.
... This is in stark contrast to traditional computers where installing specialised software just to see a particular news source or check the weather seems very far-fetched. Given the wealth of personal information and functionality that could be available to unrestricted programmes, great efforts have been made to set up permissions systems to regulate app behaviour [10,11]. ...
Article
Full-text available
This paper describes how mobile device apps can inadvertently broadcast personal information through their use of wireless networks despite the correct use of encryption. Using a selection of personas we illustrate how app usage can be tied to personal information. Users would likely assume the confidentiality of personal information (including age, religion, sexuality and gender) when using an encrypted network. However, we demonstrate how encrypted traffic pattern analysis can allow a remote observer to infer potentially sensitive data passively and undetectably without any network credentials.
... Since proper review are quality criteria are not available for such apps, users install and uninstall the apps and leave residue or corrupt the OS. Kuehnhausen and Frost (2013) argued that from plenty apps available there is no easy way to differentiate one that put users at risk or worse and are directly distributing malware or spyware. One attribute that is often used in distinguishing "good" Apps from "bad" ones are their ratings which are unreliable when number of reviewers are very low. ...
Article
Full-text available
Mobile trading system is financial software for Smartphones that enables investors to make their buy or sell from a mobile phone that has internet connectivity. The application helps the investors to do their financial tasks from anywhere and anytime. The penetration of Smartphones and internet usage has made more and more people use this application. Performance of the application depends on the quality of the app. Similar to earlier studies of website quality (WebQual) and Smartphone application quality (AppQual), this paper looks at developing a scale for measuring the design quality of the mobile trading application software for the Smartphones.
... F I N A L -D R A F T Android manifest of apps in the same category Kuehnhausen and Frost [18] Intercorrelated permission usage in the same app cate- gory ...
Article
One of the great innovations of the modern world is the Smartphone app. The sheer multitude of available apps attests to their popularity and general ability to satisfy our wants and needs. The flip side of the functionality these apps offer is their potential for privacy invasion. Apps can, if granted permission, gather a vast amount of very personal and sensitive information. App developers might exploit the combination of human propensities and the design of the Android permission-granting interface to gain permission to access more information than they really need. This compromises personal privacy. The fact that the Android is the globally dominant phone means widespread privacy invasion is a real concern.
... Store's star rating systems and download ranges are frequently used to indicate popularity and indirectly measure the "success" of these apps. However, using those as criteria yields little or no meaningful information on app quality as has been discussed on occasions [32]. The lack of standardized quality measures continues to be concerning, as app use carries risk and can lead to adverse outcomes for both patients and clinicians [33]- [35]. ...
Article
Full-text available
Multiple Sclerosis (MS) is an unpredictable, often disabling disease that can adversely affect any body function; this often requires persons with MS to be active patients who are able to self-manage. There are currently thousands of health applications available but it is unknown how many concern MS. We conducted a systematic review of all MS apps present in the most popular app stores (iTunes and Google Play store) on June 2016 to identify all relevant MS apps. After discarding non-MS related apps and duplicates, only a total of 25 MS apps were identified. App description contents and features were explored to assess target audience, functionalities, and developing entities. The vast majority of apps were focused on disease and treatment information with disease management being a close second. This is the first study that reviews MS apps and it highlights an interesting gap in the current repertoire of MS mHealth resources.
... These methods are not ideal as beyond the stores' star ratings published; little information on the quality of apps is available. Using this popularity criteria yields little or no meaningful information on app quality as has been discussed on occasions [47]. The lack of standardized quality measures continues to be concerning, as app use carries risk and can lead to adverse outcomes for both patients and clinicians [48][49][50]. ...
Article
Full-text available
Background Breast cancer is the most common cancer in women. The use of mobile software applications for health and wellbeing promotion has grown exponentially in recent years. We systematically reviewed the breast cancer apps available in today’s leading smartphone application stores and characterized them based on their features, evidence base and target audiences. Methods A cross-sectional study was performed to characterize breast cancer apps from the two major smartphone app stores (iOS and Android). Apps that matched the keywords “breast cancer” were identified and data was extracted using a structured form. Reviewers independently evaluated the eligibility and independently classified the apps. Results A total of 1473 apps were a match. After removing duplicates and applying the selection criteria only 599 apps remained. Inter-rater reliability was determined using Fleiss-Cohen’s Kappa. The majority of apps were free 471 (78.63%). The most common type of application was Disease and Treatment information apps (29.22%), Disease Management (19.03%) and Awareness Raising apps (15.03%). Close to 1 out of 10 apps dealt with alternative or homeopathic medicine. The majority of the apps were intended for patients (75.79%). Only one quarter of all apps (24.54%) had a disclaimer about usage and less than one fifth (19.70%) mentioned references or source material. Gamification specialists determined that 19.36% contained gamification elements. Conclusions This study analyzed a large number of breast cancer-focused apps available to consumers. There has been a steady increase of breast cancer apps over the years. The breast cancer app ecosystem largely consists of start-ups and entrepreneurs. Evidence base seems to be lacking in these apps and it would seem essential that expert medical personnel be involved in the creation of medical apps
... Another aspect of online environments in which name complexity may play a relevant role are the online platforms themselves -the websites, mobile apps, search engines, among others (Corritore et al., 2003). Because accessing the online platforms that support the commercial or social transactions is the first step to actually engage in those interactions, the name that companies or entrepreneurs choose to give to their online sites needs to be extremely well crafted, otherwise individuals may not even register with the website or download the app (Keller et al., 1998;Yorkston and Menon, 2004;Pranata et al., 2012;Kuehnhausen and Frost, 2013). ...
Article
Full-text available
Can the mere name of a seller determine his trustworthiness in the eye of the consumer? In 10 studies (total N = 608) we explored username complexity and trustworthiness of eBay seller profiles. Name complexity was manipulated through variations in username pronounceability and length. These dimensions had strong, independent effects on trustworthiness, with sellers with easy-to-pronounce or short usernames being rated as more trustworthy than sellers with difficult-to-pronounce or long usernames, respectively. Both effects were repeatedly found even when objective information about seller reputation was available. We hypothesized the effect of name complexity on trustworthiness to be based on the experience of high vs. low processing fluency, with little awareness of the underlying process. Supporting this, participants could not correct for the impact of username complexity when explicitly asked to do so. Three alternative explanations based on attributions of the variations in name complexity to seller origin (ingroup vs. outgroup), username generation method (seller personal choice vs. computer algorithm) and age of the eBay profiles (10 years vs. 1 year) were tested and ruled out. Finally, we show that manipulating the ease of reading product descriptions instead of the sellers’ names also impacts the trust ascribed to the sellers.
... A confiança é o que distingue muitas vezes uma boa de uma má aplicação. Os dispositivos móveis são neste momento centros de informação, de pessoas e empresas, o que torna a segurança das aplicações um fator crucial (Kuehnhausen & Frost, 2013). ...
Thesis
E-Recruitment, a term that refers to online recruitment, has been increasingly adopted by companies, that are prone to changes and ready to the constant evolution of society. Thus, this study aims to evaluate the impact of a recruitment application in Portugal. This application was developed to meet the needs of candidates and employers, and its evaluation is made in terms of quality-in-use by both parties, small and medium-sized companies in Portugal and potential job offers applicants. Quality-in-use is a term that allows to evaluate the quality attributed to a software by the user through its use, evaluating various attributes of the software, including the impact that the system has on the user. To achieve the results related to the defined objective, a preliminary study and a study, regarding the developed application’s evaluation, were carried out, aiming for both strands, recruiter and candidate. In the preliminary study, 140 answers were obtained to assess the status of online recruitment in Portugal. It has been validated that the Internet is the most used method to search for job offers. Then, managers from six companies were interviewed, producing a qualitative evaluation of the application, accompanied by a survey to achieve its quantitative evaluation (3,36 in 4 points). Simultaneously, a quantitative study was carried out among the candidates for evaluation of the mobile application, 3,67 out of 4 possible. Thus, it was verified that the application developed is suitable for candidates. However, despite the positive evaluation, recruiters point to improvements in the company module.
... Trust is what distinguishes often a good from a bad application. Mobile devices are now information centres, from people and companies, which makes application security a crucial factor (Kuehnhausen and Frost, 2013). ...
Article
Full-text available
E-Recruitment, a term that refers to online recruitment, has been increasingly adopted by companies that are prone to changes and ready to the constant evolution of society. Thus, this study aims to evaluate the impact of a recruitment application in Portugal. This application was developed to meet the needs of candidates and employers, and its evaluation is made in terms of quality-in-use by both parties, small and medium-sized companies in Portugal and potential job offers applicants. To achieve the results related to the defined objective, managers from six companies were interviewed, producing a qualitative evaluation of the application, accompanied by a survey to achieve its quantitative evaluation (3.36 in 4 points). Simultaneously, a quantitative study was carried out among the candidates for evaluation of the mobile application, 3.67 points out of 4 possible. Thus, it was verified that the application developed is suitable for candidates. However, despite the positive evaluation, recruiters point to improvements in the company module.
... Finally, parents indicated to be aware of the impact the app can have on their decision making, with the large majority reporting it could potentially lead parents to opt for the vaccination. Users' awareness of the goal and the high potential of an app are crucial for making an app trustworthy and worth downloading or being recommended [45,46]. ...
Article
Full-text available
Background There is mixed evidence on the effectiveness of vaccination-related interventions. A major limitation of most intervention studies is that they do not apply randomized controlled trials (RCTs), the method that, over the last 2 decades, has increasingly been considered as the only method to provide proof of the effectiveness of an intervention and, consequently, as the most important instrument in deciding whether to adopt an intervention or not. This study, however, holds that methods other than RCTs also can produce meaningful results. Objective The aim of this study was to evaluate 2 mobile phone–based interventions aimed at increasing parents’ knowledge of the measles-mumps-rubella (MMR) vaccination (through elements of gamification) and their psychological empowerment (through the use of narratives), respectively. The 2 interventions were part of an RCT. Methods We conducted 2 studies with the RCT participants: a Web-based survey aimed at assessing their rating of the tool regarding a number of qualities such as usability and usefulness (N=140), and qualitative telephonic interviews to explore participants’ experiences with the app (N=60). ResultsThe results of the survey showed that participants receiving the knowledge intervention (alone or together with the empowerment intervention) liked the app significantly better compared with the group that only received the empowerment intervention (F2,137=15.335; P
... Second, the possibility that user ratings were influenced by fake reviews cannot be excluded. [64,65]. However, there is a reliance on genuine users of the app to mark it down if the app does not live to their expectations, and this review included popular apps with high number of ratings (2.8 million). ...
Article
Full-text available
Background: Within the new digital health landscape, the rise of health apps creates novel prospects for health promotion. The market is saturated with apps that aim to increase physical activity (PA). Despite the wide distribution and popularity of PA apps, there are limited data on their effectiveness, user experience, and safety of personal data. Objective: The purpose of this review and content analysis was to evaluate the quality of the most popular PA apps on the market using health care quality indicators. Methods: The top-ranked 400 free and paid apps from iTunes and Google Play stores were screened. Apps were included if the primary behavior targeted was PA, targeted users were adults, and the apps had stand-alone functionality. The apps were downloaded on mobile phones and assessed by 2 reviewers against the following quality assessment criteria: (1) users' data privacy and security, (2) presence of behavior change techniques (BCTs) and quality of the development and evaluation processes, and (3) user ratings and usability. Results: Out of 400 apps, 156 met the inclusion criteria, of which 65 apps were randomly selected to be downloaded and assessed. Almost 30% apps (19/65) did not have privacy policy. Every app contained at least one BCT, with an average number of 7 and a maximum of 13 BCTs. All but one app had commercial affiliation, 12 consulted an expert, and none reported involving users in the app development. Only 12 of 65 apps had a peer-reviewed study connected to the app. User ratings were high, with only a quarter of the ratings falling below 4 stars. The median usability score was excellent-86.3 out of 100. Conclusions: Despite the popularity of PA apps available on the commercial market, there were substantial shortcomings in the areas of data safety and likelihood of effectiveness of the apps assessed. The limited quality of the apps may represent a missed opportunity for PA promotion.
... At present, there is no comprehensive, universally available methodology to assess the quality of mHealth apps [14]. Additionally, existing five star rating scales available within app stores provide subjective indications of quality which are often unreliable [15]. Given the paucity of current methodologies, unreliability associated with star ratings and ever expanding mHealth app market, the challenge for healthcare professionals to identify high quality apps is becoming increasingly difficult. ...
Preprint
BACKGROUND There has been a rapid growth in the availability and use of mobile health (mHealth) apps around the world in recent years. However, consensus regarding an accepted standard to assess the quality of such apps does not exist. Differing interpretations of quality add to this problem. Consequently, it has become increasingly difficult for healthcare professionals to distinguish apps of high quality from those of lower quality. This exposes both patients and healthcare professionals to unnecessary risk. Despite progress, limited understanding of contributions by those in low- and middle- income countries (LMIC) on this topic exists. As such, the applicability of quality assessment methodologies in LMIC settings remains unexplored. OBJECTIVE The objectives of this rapid review are to; 1) Identify current methodologies within the literature to assess the quality of mHealth apps. 2) Understand what aspects of quality these methodologies address. 3) Determine what input has been made by authors from LMICs. 4) Examine the applicability of such methodologies in low- and middle- income settings. METHODS The review is registered with Prospero (CRD42020205149). A search of PubMed, EMBASE, Web of Science and Scopus was performed for papers relating to mHealth app quality assessment methodologies, published in English between 2005 and the 28th of December, 2020. A thematic and descriptive analysis of methodologies and papers was performed. RESULTS Electronic database searches identified 841 papers. After the screening process, 53 papers remained for inclusion; 6 proposed novel methodologies which could be used to evaluate mHealth apps of diverse medical areas of interest; 8 proposed methodologies which could be used to assess apps concerned with a specific medical focus; 39 used methodologies developed by other published authors to evaluate the quality of various groups of mHealth apps. Authors of 3 papers were solely affiliated to institutes in LMICs. A further 8 papers had at least one co-author affiliated to an institute in a LMIC. CONCLUSIONS Quality assessment of mHealth apps is complex in nature and at times, subjective. Despite growing research on this topic, to date an all-encompassing, appropriate means for evaluating the quality of mHealth apps does not exist. There has been engagement with authors affiliated to institutes in LMICs, however limited consideration of current generic methodologies for application in a LMIC settings have been identified.
... The customer ratings in stores are often an unreliable quality metric [10]. Besides that, it is not feasible to evaluate apps with software quality standards due to its extension, complexity and general-purpose approach [11]. ...
Conference Paper
Using the Mobile App Rating Scale (MARS) base model, this research identifies the underlying quality factors of Apps for People with Disabilities, applying Principal Components Analysis. A group of 257 apps running on various platforms was selected, analyzed and evaluated. The apps are directed to people with intellectual disability, autism, Down syndrome and cerebral palsy. The evaluators were software test specialists. The application of the Principal Components Analysis identified the most relevant quality categories of MARS model, which was grouped into new categories. The overall results show Aesthetics and Functionally as the more critical original quality categories of the analyzed Apps group. Engagement and Information categories have some contradictory characteristics that require commitments.
... It can be downloaded for free in mobile operating system such as Android (Google Play Store) and iOS (Apple Store). One attribute that is often used in distinguishing good apps from bad ones are their ratings [10]. ...
Article
Full-text available
The fast development of mobile applications has widely impact many industries including tourism. Restaurant as one of tourism product must then adapt to this new technology because it will benefit more than mobile web. Domino’s Pizza Indonesia is the first fast food restaurant in Indonesia that launched its mobile application in 2015 and keeps gaining its popularity. The purpose of this research is to identify the Domino’s Pizza Indonesia Mobile Application quality rating and to determine the extent of Domino’s Pizza Indonesia Mobile Application towards purchase intention. This research is using quantitative method. Primary data were collected from Domino’s Pizza Indonesia mobile application and survey using questionnaire. A survey was conducted for 76 respondents using simple random sampling method. Data was analyzed using Mobile Application Rating Scale (MARS) as guidelines that consist of four objectives quality scales; engagement, functionality, aesthetics and information quality; and one subjective quality scales. The results indicate that Domino’s Pizza Indonesia Mobile Application quality considered as good, but assess differently between apps-user and non apps-user. Apps-user assesses information quality as the highest scale while non apps-user assesses functionality quality; with both assess engagement quality as the lowest scale. This research reveals that branded mobile application has strong relationship with purchase intention, despite whether people install the mobile application or not. However, purchase intention is likely influenced more by branded mobile application non apps-user rather than the apps-user itself. Implication of this study provides recommendations for restaurant business to always maintain and enhance the mobile application quality that are expected to be in line with the growth of restaurant revenue.
... Yet, no standardized, objective and efficient way exists to assess the quality of finance apps. While the overall star ratings of mobile apps fulfils an important signaling function for new users, they suffer from several shortcomings, as pointed out by previous research, such as [3]- [6]:  They are biased towards extreme ratings  The textual content of a review and the star rating sometimes mismatch, and the five-star scale is subject to individual interpretation  Reviews of previous app versions might not be valid for the present version anymore  Individual bugs or issues may be addressed in many reviews, thus further biasing the overall rating  The quantity and sentiment of reviews may be heavily influenced by how users are prompted to leave reviews when using the app  Developers may even simply buy beneficial reviews  Competitors may systematically try to leave negative reviews for an app In addition, it is questionable whether following the feedback of the most vocal reviewers would invariably lead to an improved app quality (and other metrics like revenues). It is further debatable whether such reviews are informative enough to help developers infer in which areas their app might need improving, or why exactly their competitors receive better or worse reviews. ...
Conference Paper
Mobile apps increasingly replace face-to-face interactions between financial service providers and their customers. Therefore, it is critical for developers of finance apps to understand users' perception thereof, and to be able to assess the quality of their own app and their competitors' apps. Star ratings as provided by mobile app stores suffer from multiple shortcomings and are not detailed enough to fulfil this purpose. In this work, we thus developed a reliable, objective, multidimensional measure of the quality of mobile finance apps, which includes both generic and domain-specific aspects. We used an iterative approach and expanded on related work in the Health domain, and validated the scale empirically. The resulting app rating scale for finance apps is a reliable, objective measure of app quality, comprised of six subscales and a total of 34 items. It exhibits excellent internal consistency (alpha=.93) and very good interrater reliability (ICC=.74).
... However, there was no correlation between the user star rating and the number of data security measures, which suggests that the user star rating is not an indicator of data protection and privacy and vice versa. Furthermore, user star ratings could originate from fictitious persons, and each person could apply a different focus of evaluation (eg appearance, usability) [79]. Besides, user star ratings from app stores could refer to previous versions of a mobile app, which does not guarantee that the mobile app is up to date and may cause distortions due to evaluations of different versions [43]. ...
Article
Full-text available
Background Through the increasingly aging population, the health care system is confronted with various challenges such as expanding health care costs. To manage these challenges, mobile apps may represent a cost-effective and low-threshold approach to support older adults. Objective This systematic review aimed to evaluate the quality, characteristics, as well as privacy and security measures of mobile apps for older adults in the European commercial app stores. Methods In the European Google Play and App Store, a web crawler systematically searched for mobile apps for older adults. The identified mobile apps were evaluated by two independent reviewers using the German version of the Mobile Application Rating Scale. A correlation between the user star rating and overall rating was calculated. An exploratory regression analysis was conducted to determine whether the obligation to pay fees predicted overall quality. Results In total, 83 of 1217 identified mobile apps were included in the analysis. Generally, the mobile apps for older adults were of moderate quality (mean 3.22 [SD 0.68]). Four mobile apps (5%) were evidence-based; 49% (41/83) had no security measures. The user star rating correlated significantly positively with the overall rating (r=.30, P=.01). Obligation to pay fees could not predict overall quality. Conclusions There is an extensive quality range within mobile apps for older adults, indicating deficits in terms of information quality, data protection, and security precautions, as well as a lack of evidence-based approaches. Central databases are needed to identify high-quality mobile apps.
... Android program of review, credibility and assessment should be a reasonable distribution of statistics users and security research personnel written release. However, plug-ins, order-swiping and agency models and even official agreements have caused the proliferation of false reviews, affecting the ranking and dissemination of apps [82], [83]. The security model of the Android platform through the use of signature-based scanning does not require a trusted security agency to sign developer certificates, thereby allowing the use of self-signed digital certificates to sign many applications. ...
Article
Full-text available
In recent years, the application of smartphones, Android operating systems and mobile applications have become more prevalent worldwide. To study the traceability, propagation, and detection of the threats, we perform research on all aspects of the end-to-end environment. With machine learning based on the mobile malware detection algorithms that integrate the dynamic and static research of the identification algorithm, application software samples are collected to study sentences. Through knowledge labeling and knowledge construction, the association relationship of knowledge is extracted to realize the research of knowledge map construction. Flooding is closely correlated with the complexity of the Android mobile version of the kernel and malicious programs. A static dynamic analysis of the mobile malicious program is carried out, and the social network social diagram is constructed to model the propagation of the mobile malicious program. We extended the approach of deriving common malware behavior through graph clustering. On this basis, Android behavior analysis is performed through our virtual machine execution engine. We extend the family characteristics to the concept of DNA race genes. By studying SMS/MMS, Bluetooth, 5G base station networks, metropolitan area networks, social networks, homogeneous communities, telecommunication networks, and application market ecosystem propagation scenarios, we discovered the law of propagation. In addition, we studied the construction of the mobile Internet big data knowledge graph. Quantitative data for the main family chronology of mobile malware are obtained. We conducted detailed research and comprehensive analysis of Android application package (APK) details and behavior, relationship, resource-centric, and syntactic aspects. Furthermore, we summarized the architecture of mobile malware security analysis. We also discuss encryption of malware traffic discrimination. These precise modeling and quantified research results constitute the architecture of mobile malware analysis.
... Since plenty of apps currently exist, their reliability must be verified [22], as the traditional systems used to test app quality, such as users' star ratings (evaluating apps on a scale of 1 to 5 stars) and reviews, could allow fake or subjective reviews, giving wrong indications to users [23]. Furthermore, app descriptions in app stores are often incomplete or incorrect and are not a valid tool for assessing the quality of an app [24], especially when dealing with sensitive topics such as food allergies. ...
Article
Background: Food allergies and intolerances are increasing worldwide, and mobile phone apps could be a promising tool for self-management of these issues. Objective: This study aimed to systemically search and assess food allergy or intolerance apps in app stores using the multidimensional Mobile App Rating Scale (MARS) to rate the objective and subjective quality and to identify critical points for future improvements. Methods: This systematic search identified apps through the keywords "food allergy," "food intolerance," and "allergens" in English, Spanish, and Italian in the Apple App Store (iOS) and Google Play Store (Android). The inclusion criteria were a user star rating of ≥3 (of 5 stars) to limit the selection to the most highly rated apps; ≥1000 reviews as an indicator of reliability; and the most recent update performed up to 2017. Then, the apps were divided according to their purpose (searching for allergen-free "food products," "restaurants," or recipes in "meal planners") and evaluated on a scale of 1 to 5 points using the MARS in terms of (1) app classification category with a descriptive aim; (2) app subjective and objective quality categories comprised of engagement, functionality, esthetics, and information sections (Medline was searched for eligible apps to check whether they had been tested in trials); and (3) an optional app-specific section. Furthermore, the output and input features were evaluated. Differences between MARS sections and between app purposes and correlations among MARS sections, star ratings, and numbers of reviews were evaluated. Results: Of the 1376 apps identified, 14 were included: 12 related to food allergies and intolerances that detect 2-16 food allergens and 2 related only to gluten intolerance. The mean (SD) MARS scores (maximum 5 points) were 3.8 (SD 0.4) for objective quality, highlighting whether any app had been tested in trials; 3.5 (SD 0.6) for subjective quality; and 3.6 (SD 0.7) for the app-specific section. Therefore, a rating ≥3 points indicated overall acceptable quality. From the between-section comparison, engagement (mean 3.5, SD 0.6) obtained significantly lower scores than functionality (mean 4.1, SD 0.6), esthetics (mean 4, SD 0.5), and information (mean 3.8, SD 0.4). However, when the apps were compared by purpose, critical points were identified: meal planner apps showed significantly higher engagement (mean 4.1, SD 0.4) than food product (mean 3.0, SD 0.6; P=.05) and restaurant (mean 3.2, SD 0.3; P=.02) apps. Conclusions: In this systematic search of food allergy or intolerance apps, acceptable MARS quality was identified, although the engagement section for food product and restaurant purpose apps should be improved and the included apps should be tested in trials. The critical points identified in this systematic search can help improve the innovativeness and applicability of future food allergy and intolerance apps.
... All of the major app stores offering eHealth apps currently use a 5-star rating system to grade their apps, which is one of the factors driving the download behaviors of users. However, these ratings arguably have their issues [13,14]. While alternatives have been proposed [15], we currently do not properly understand how we can personalize the choice of eHealth apps [16]. ...
Article
Full-text available
Background: Existing evaluations of the effects of mobile apps to encourage physical activity have been criticized owing to their common lack of external validity, their short duration, and their inability to explain the drivers of the observed effects. This protocol describes the setup of Health Telescope, a longitudinal panel study in which the long-term effects of mobile electronic health (eHealth) apps are investigated. By setting up Health Telescope, we aim to (1) understand more about the long-term use of eHealth apps in an externally valid setting, (2) understand the relationships between short-term and long-term outcomes of the usage of eHealth apps, and (3) test different ways in which eHealth app allocation can be personalized. Objective: The objectives of this paper are to (1) demonstrate and motivate the validity of the many choices that we made in setting up an intensive longitudinal study, (2) provide a resource for researchers interested in using data generated by our study, and (3) act as a guideline for researchers interested in setting up their own longitudinal data collection using wearable devices. For the third objective, we explicitly discuss the General Data Protection Regulation and ethical requirements that need to be addressed. Methods: In this 4-month study, a group of approximately 450 participants will have their daily step count measured and will be asked daily about their mood using experience sampling. Once per month, participants will receive an intervention containing a recommendation to download an app that focuses on increasing physical activity. The mechanism for assigning recommendations to participants will be personalized over time, using contextual data obtained from previous interventions. Results: The data collection software has been developed, and all the legal and ethical checks are in place. Recruitment will start in Q4 of 2020. The initial results will be published in 2021. Conclusions: The aim of Health Telescope is to investigate how different individuals respond to different ways of being encouraged to increase their physical activity. In this paper, we detail the setup, methods, and analysis plan that will enable us to reach this aim. International registered report identifier (irrid): PRR1-10.2196/16471.
... Since plenty of apps currently exist, their reliability must be verified [22], as the traditional systems used to test app quality, such as users' star ratings (evaluating apps on a scale of 1 to 5 stars) and reviews, could allow fake or subjective reviews, giving wrong indications to users [23]. Furthermore, app descriptions in app stores are often incomplete or incorrect and are not a valid tool for assessing the quality of an app [24], especially when dealing with sensitive topics such as food allergies. ...
Preprint
BACKGROUND Food allergies and intolerances, as adverse reactions to the ingestion, contact or inhalation of a specific food, derivate or additive, are increasing worldwide, whereas mobile phone applications (Apps) are emerging as a promising tool in the management of food allergies and/or intolerances. OBJECTIVE The aim of this review is to systemically search and integrate the information of Apps present in Apple App Store (iOS) and Google Play Store (Android) about food allergies and/or intolerances, and to evaluate their quality through the Mobile App Rating Scale (MARS) tool. METHODS Apps were searched through specific keywords translated in English, Spanish and Italian language (“food allergy”, “food intolerance” and “allergens”). Inclusion criteria were: ≥ 3/5 minimum users’ star rating as a tool to evaluate Apps’ quality; ≥ 1000 reviews as an indicator of reliability; and last update up to 2017. Eligible Apps were evaluated and searched on PubMed to check if already present in scientific articles. Apps’ features were distinguished into input and output ones, depending on whether the contents were inserted by users or automatically generated. The included Apps were divided according to their function (“food products”, “restaurants” and “meal planners” Apps) and evaluated through the MARS tool comprising: 1) App classification category, collecting general and technical information; 2) App quality category, divided into “objective” (including four sections: engagement, functionality, aesthetics, and information) and “subjective” quality; and 3) App specific section, as optional section to evaluate the perceived impact of the App. Only App quality category and App specific section were rated for the quality assessment. For each section, mean±standard deviations (SD), statistical significance between-sections and between Apps’ function were evaluated. RESULTS Fourteen Apps were included: n=12 related to food allergies and intolerances, detecting from 2 to 15 food allergens; and n=2 related to gluten intolerance only. From the MARS quality assessment: a) objective quality scored 3.8±0.4 points (mean± SD of 5 maximum points); b) subjective quality scored 3.5±0.6 points; and c) App specific section scored 3.6±0.7 points. Therefore, Apps resulted in overall acceptable quality, considering ratings ≥ of 3points. From a between-sections comparison, engagement obtained lower scores than functionality, aesthetics and information sections. However, comparing Apps by function, “meal planners” Apps presented higher scores for the engagement section (4.1±0.4 points), than “food products” (3.0±0.6) and “restaurants” Apps (3.2±0.3 points) (P<.05). CONCLUSIONS The present review integrates information of 14 Apps to help consumers to avoid food allergies and/or intolerances, providing suggestions for future Apps. Specifically, the analysed Apps have acceptable quality despite the MARS engagement section should be further improved in “food products” and “restaurants” function Apps. Additionally, for Apps recommendation, their effectiveness in detecting food allergens should be tested in scientific trials.
... Although these are important works and provide insights for privacy researchers, but they do not consider the importance of app meta data analysis such as user reviews, privacy policy, manifest declaration, etc. In [21], the authors investigated the issue of trust when installing a new mobile app. They considered app ratings, reviews and permissions as trust metrics and assessed the trustworthiness of mobile apps. ...
Conference Paper
Smartphone apps have the power to monitor most of peo-ple's private lives. Apps can permeate private spaces, access and map social relationships, monitor whereabouts and chart people's activities in digital and/or real world. We are therefore interested in how much information a particular app can and intends to retrieve in a smartphone. Privacy-friendliness of smartphone apps is typically measured based on single-source analyses, which in turn, does not provide a comprehensive measurement regarding the actual privacy risks of apps. This paper presents a multi-source method for privacy analysis and data extraction transparency of Android apps. We describe how we generate several data sets derived from privacy policies, app manifestos, user reviews and actual app profiling at run time. To evaluate our method, we present results from a case study carried out on ten popular fitness and exercise apps. Our results revealed interesting differences concerning the potential privacy impact of apps, with some of the apps in the test set violating critical privacy principles. The result of the case study shows large differences that can help make relevant app choices.
Chapter
Research suggests that permission requests do not adequately inform users about the implications of granting or denying such requests. It is important that informed consent is given should users grant the request. This paper reports on the results of a study that examined novel comic-based permission request design in terms of user response and preferences for permission-granting decisions. We conducted co-design workshops to design the comic-based permission requests. We then compared our comic-based designs to current Android text-based permission requests using five common permission request types in an online survey. Our results showed that 52% of participants preferred the comic-based requests, and 24% the text-based requests. While comics were found to be an effective medium to achieve informed consent, some participants reported that the text-based request offered sufficient information to make decisions. Given that a relatively large number of participants preferred the comic-based permissions, we encourage future designers to consider alternative forms of permission requests.
Article
Full-text available
There are a large number of mobile applications that allow the monitoring of health status. The quality of the applications is only evaluated by users and not by standard criteria. This study aimed to examine depression-related applications in major mobile application stores and to analyze them using the rating scale tool Mobile Application Rating Scale (MARS). A search of digital applications for the control of symptoms and behavioral changes in depression was carried out in the two reference mobile operating systems, Apple (App Store) and Android (Play Store), by means of two reviewers with a blind methodology between September and October 2019 in stores from Spain and the United Kingdom. Eighteen applications from the Android Play Store and twelve from the App Store were included in this study. The quality of the applications was evaluated using the MARS scale from 1 (inadequate) to 5 (excellent). The average score of the applications based on the MARS was 3.67 ±0.53. The sections with the highest scores were “Functionality” (4.51) and “Esthetics” (3.98) and the lowest “Application Subjective quality” (2.86) and “Information” (3.08). Mobile Health applications for the treatment of depression have great potential to influence the health status of users; however, applications come to the digital market without health control.
Article
Full-text available
Depression is a common mental health condition for which many mobile apps aim to provide support. This review aims to identify self-help apps available exclusively for people with depression and evaluate those that offer cognitive behavioural therapy (CBT) or behavioural activation (BA). One hundred and seventeen apps have been identified after searching both the scientific literature and the commercial market. 10.26% (n = 12) of these apps identified through our search offer support that seems to be consistent with evidence-based principles of CBT or BA. Taking into account the non existence of effectiveness/efficacy studies, and the low level of adherence to the core ingredients of the CBT/BA models, the utility of these CBT/BA apps are questionable. The usability of reviewed apps is highly variable and they rarely are accompanied by explicit privacy or safety policies. Despite the growing public demand, there is a concerning lack of appropiate CBT or BA apps, especially from a clinical and legal point of view. The application of superior scientific, technological, and legal knowledge is needed to improve the development, testing, and accessibility of apps for people with depression.
Article
Full-text available
Background COVID-19 has caused increased stress, anxiety and depression with increased barriers to treatment. Mobile apps offer a potential solution, but there is no information on the quality of such apps recommended for COVID-19. This study aims to evaluate the quality of stress, anxiety and depression apps recommended for COVID-19. Methods A search was conducted to identify relevant apps on the iOS and Android platforms. 44 apps were evaluated using the Mobile App Rating Scale (MARS), and the American Psychiatric Association's app evaluation model for data privacy and security. Results Overall quality scores of iOS and Android apps were 3.69±0.43 and 3.66±0.47. Thirty percent had good/excellent overall scores. In general, the iOS and Android versions of the apps scored best for functionality (4.21±0.48, 4.12±0.53), followed by aesthetics (3.84±0.50, 3.78±0.56), information (3.39±0.54, 3.40±0.60), and engagement (3.31±0.81, 3.34±0.84). Over half (59%) shared personal information with third parties and 14% were compliant with data protection standards. Limitations Only free apps available in Singapore were evaluated. Our results are time sensitive due to addition, removal, and update of apps in the app stores, thus our results should be extrapolated with caution to apps from other countries and paid apps. Conclusion Apps that addressed all three conditions had the highest overall quality scores. The top ranked apps (Sanvello, Woebot, Happify, Youper, Bloom) were of good quality, but majority were of acceptable quality and had room for improvement. App developers are encouraged to use our findings to improve and develop better quality apps.
Article
Full-text available
Background: A growing body of literature affirms the usefulness of mobile technologies, including mobile applications (apps), in the primary prevention field. The quality of health apps, which today number in the thousands, is a crucial parameter, as it may affect health-related decision-making and outcomes among app end-users. The mobile application rating scale (MARS) has recently been developed to evaluate the quality of such apps, and has shown good psychometric properties. Since there is no standardised tool for assessing the apps available in Italian app stores, the present study developed and validated an Italian version of MARS in apps targeting primary prevention. Methods: The original 23-item version of the MARS assesses mobile app quality in four objective quality dimensions (engagement, functionality, aesthetics, information) and one subjective dimension. Validation of this tool involved several steps; the universalist approach to achieving equivalence was adopted. Following two backward translations, a reconciled Italian version of MARS was produced and compared with the original scale. On the basis of sample size estimation, 48 apps from three major app stores were downloaded; the first 5 were used for piloting, while the remaining 43 were used in the main study in order to assess the psychometric properties of the scale. The apps were assessed by two raters, each working independently. The psychometric properties of the final version of the scale was assessed including the inter-rater reliability, internal consistency, convergent, divergent and concurrent validities. Results: The intralingual equivalence of the Italian version of the MARS was confirmed by the authors of the original scale. A total of 43 apps targeting primary prevention were tested. The MARS displayed acceptable psychometric properties. The MARS total score showed an excellent level of both inter-rater agreement (intra-class correlation coefficient of .96) and internal consistency (Cronbach's α of .90 and .91 for the two raters, respectively). Other types of validity, including convergent, divergent, discriminative, known-groups and scalability, were also established. Conclusions: The Italian version of MARS is a valid and reliable tool for assessing the health-related primary prevention apps available in Italian app stores.
Article
Background: The number of mobile health apps (mHealth apps) continues to rise each year. Widespread use of the Mobile Application Rating Scale (MARS) has allowed objective and multidimensional evaluation of the quality of these apps. However, no Japanese version of MARS has been made available to date. Objective: The purpose of this study is (1) to develop a Japanese version of MARS and (2) to assess the translated version's reliability and validity in evaluating mHealth apps. Methods: To develop the Japanese version of MARS, cross-cultural adaptation was adopted using a universalist approach. A total of 50 mental health apps were evaluated by two independent raters. Internal consistency and inter-rater reliability were then calculated. Convergent and divergent validity were assessed using multi-trait scaling analysis and concurrent validity. Results: After cross-cultural adaptation, all 23 items from the original MARS were included in the Japanese version. Following translation, back-translation, and review by the author of the original MARS, a Japanese version of MARS was finalized. Internal consistency was acceptable by all subscales of objective and subjective quality with a Cronbach's alpha of 0.78-0.89. Inter-rater reliability was deemed acceptable with intraclass correlation coefficients (ICC) ranging from 0.61-0.79 in all subscales, except for "Functionality" with an ICC of 0.40. Convergent/divergent validity and concurrent validity were also considered acceptable. The rate of missing responses was high in several items in the "Information" subscale. Conclusions: A Japanese version of MARS was developed and shown to be reliable and valid, comparable to the original MARS. This Japanese version of MARS can be used as a standard to evaluate the quality and credibility of mHealth apps.
Article
Full-text available
Objective: People with Allergic Rhinitis (AR) often self-manage in the community pharmacy setting without consulting health care professionals and trivialize their comorbidities such as asthma. A mobile health application (mHealth app) with a self-monitoring and medication adherence system can assist with the appropriate self-management of AR and asthma. This study aimed to identify an app effective for the self-management of AR and/or asthma. Methods: MHealth apps retrieved from the Australian Apple App Store and Android Google Play Store were included in this study if they were developed for self-management of AR and/or asthma; in English language; free of charge for the full version; and accessible to users of the mHealth app. The mHealth app quality was evaluated on three domains using a two-stage process. In Stage 1, the apps were ranked along Domain 1 (Accessibility in both app stores). In Stage 2, the apps with Stage 1 maximum score were ranked along Domain 2 (alignment with theoretical principles of the self-management of AR and/or asthma) and Domain 3 (usability of the mHealth app using Mobile App Rating Scale (MARS) instrument). Results: Of the 418 apps retrieved, 31 were evaluated in Stage 1 and 16 in Stage 2. The MASK-air achieved the highest mean rank and covered all self-management principles except the doctor’s appointment reminder and scored a total MARS mean score of 0.91/1. Conclusions: MASK-air is ranked most highly across the assessment domains for the self-management of both AR and coexisting asthma. This mHealth app covers the majority of the self-management principles and is highly engaging.
Article
The publication discusses the adaptation of dedicated known methods for structured content analysis for the usage of smartphone apps, taking into account the specifics of these dynamic media types and resulting consequences for the procedure and content rating. The background is the increasing popularity of apps and the growing demand for precise analysis of the status quo regarding the content and functions of apps on the market, esp. within design-oriented business informatics. Within the literature, no uniform, comparable and systematic approach to this could be identified so far. Therefore, an existing standard for the evaluation of apps from the medical context has been adapted for general application to apps. This provides a helpful procedure for researchers, practitioners, and students and ensures consistency across studies. The feasibility of the proposed method and assessment standard were confirmed by a successful demonstrational instantiation based on an app review of energy information systems for private customers.
Article
Full-text available
The purpose of this review was to identify and classify key criteria concepts related to the evaluation of user-facing eHealth programs. In line with the PRISMA statement methodology, computer searches of relevant databases were conducted for studies published between January 1, 2000 and March 1, 2016 that contained explicit quality criteria related to mHealth and eHealth products. Reference lists of included articles, review articles, and grey literature (e.g., books, websites) were searched for additional sources. A team of nine experts led by the first author was gathered to support the classification of these criteria. Identified criteria were extracted, grouped and organized using an inductive thematic analysis. Eighty-four sources – emanating from 26 different courtiers – were included in this review. The team extracted 454 criteria that were grouped into 11 quality domains, 58 criteria concepts and 134 concepts’ sub-groups. Quality domains were: Usability, Visual Design, User Engagement, Content, Behavior Change/Persuasive Design, Influence of Social Presence, Therapeutic Alliance, Classification, Credibility/Accountability, and Privacy/Security. Findings suggest that authors around the globe agree on key criteria concepts when evaluating user-facing eHealth products. The high proportion of new published criteria in the second half of this review time-frame (2008–2016), and more specifically, the high proportion of criteria relating to persuasive design, therapeutic alliance and privacy/security within this time-frame, points to the advancements made in recent years within this field.
Article
Full-text available
Purpose: Smartphone applications (SPApps) have become a key tool for the self-management of low back pain (LBP). However, the scientific evidence behind the outcome measures used in SPApps for LBP is never investigated before. Therefore, this systematic review firstly assess the quality of the free SPApps for LBP, secondly examines the outcome measures used and thirdly evaluates the outcome measures against the International Classification of Functioning, Disability and Health (ICF) core set classifications for LBP. Methods: A systematic scoping review was conducted in the iTunes and Google Play™ on-line stores for LBP SPApps which are free to download. These searches were conducted using keywords suggested by the Cochrane Back and Neck Group. SPApps were screened and downloaded to assess the quality using the Mobile App Rating Scale (MARS). SPApps using outcome measures were reviewed separately to evaluate whether their outcome measures represented any of the ICF components for LBP. Results: The overall quality of the apps has a mean MARS score of 2.5/5. Out of 74 apps reviewed, only four apps had outcome measures that could be linked to ICF components for LBP. Two of the four categories comprising the LBP core set were well represented. Conclusion: The overall quality of the SPApps for LBP is low. Only very few SPApps offer outcome measures to monitor their effectiveness in the management of LBP. There is very limited evidence to show that the outcome measures used in the apps represents all the four core sets of LBP criteria set by ICF.
Article
Background: In recent years, there has been rapid growth in the availability and use of mobile health (mHealth) apps around the world. A consensus regarding an accepted standard to assess the quality of such apps has yet to be reached. A factor that exacerbates the challenge of mHealth app quality assessment is variations in the interpretation of quality and its subdimensions. Consequently, it has become increasingly difficult for health care professionals worldwide to distinguish apps of high quality from those of lower quality. This exposes both patients and health care professionals to unnecessary risks. Despite progress, limited understanding of the contributions of researchers in low- and middle-income countries (LMICs) exists on this topic. Furthermore, the applicability of quality assessment methodologies in LMIC settings remains relatively unexplored. Objective: This rapid review aims to identify current methodologies in the literature to assess the quality of mHealth apps, understand what aspects of quality these methodologies address, determine what input has been made by authors from LMICs, and examine the applicability of such methodologies in LMICs. Methods: This review was registered with PROSPERO (International Prospective Register of Systematic Reviews). A search of PubMed, EMBASE, Web of Science, and Scopus was performed for papers related to mHealth app quality assessment methodologies, which were published in English between 2005 and 2020. By taking a rapid review approach, a thematic and descriptive analysis of the papers was performed. Results: Electronic database searches identified 841 papers. After the screening process, 52 papers remained for inclusion. Of the 52 papers, 5 (10%) proposed novel methodologies that could be used to evaluate mHealth apps of diverse medical areas of interest, 8 (15%) proposed methodologies that could be used to assess apps concerned with a specific medical focus, and 39 (75%) used methodologies developed by other published authors to evaluate the quality of various groups of mHealth apps. The authors in 6% (3/52) of papers were solely affiliated to institutes in LMICs. A further 15% (8/52) of papers had at least one coauthor affiliated to an institute in an LMIC. Conclusions: Quality assessment of mHealth apps is complex in nature and at times subjective. Despite growing research on this topic, to date, an all-encompassing appropriate means for evaluating the quality of mHealth apps does not exist. There has been engagement with authors affiliated to institutes across LMICs; however, limited consideration of current generic methodologies for application in LMIC settings has been identified. Trial registration: PROSPERO CRD42020205149; https://www.crd.york.ac.uk/prospero/display_record.php?RecordID=205149.
Article
Background The number of mobile health apps (MHAs) is growing rapidly. MHAs have great potential to improve health and health care. However, the quality of available MHAs remains unknown due to the lack of quality assessment regulations and standards for MHAs. The Mobile Application Rating Scale (MARS) is the most widely used instrument to assess the quality of MHAs, and available in English, Italian, Spanish, German, French, Arabic and Japanese. However, the scale is currently not available in the Turkish language. Objective This study aimed to cross-culturally adapt the MARS into Turkish and evaluate the validity and reliability of the scale. Methods The MARS was translated and adapted into Turkish according to the international guidelines. A total of 52 pregnancy tracking apps were evaluated by two independent raters. Internal consistency (Cronbach’s alpha), inter-rater reliability (Intraclass Correlation Coefficient [ICC]), convergent validity and concurrent validity were explored. Regarding convergent validity, MARS-TR scores were compared with the ENLIGHT scale. Results The MARS-TR was highly aligned with the original MARS. The MARS-TR showed excellent internal consistency (Cronbach’s alpha of 0.95 for both raters) and excellent inter-rater reliability (ICC = 0.94; SEM = 0.02), with a smallest detectable change (95% confidence level) of 0.05 points for the total score. Cronbach’s alphas for the subscales ranged from 0.76 to 0.94 for the two raters. Correlations between the MARS-TR and ENLIGHT demonstrated adequate convergent validity (P < 0.05). No ceiling or floor effects were observed. Conclusion The results provide evidence that the Turkish version of MARS is a valid and reliable tool for researchers and experts to assess the quality of MHAs in Turkey.
Conference Paper
Full-text available
One of Android's main defense mechanisms against malicious apps is a risk communication mechanism which, before a user installs an app, warns the user about the permissions the app requires, trusting that the user will make the right decision. This approach has been shown to be ineffective as it presents the risk information of each app in a "tand-alone" ashion and in a way that requires too much technical knowledge and time to distill useful information. We introduce the notion of risk scoring and risk ranking for Android apps, to improve risk communication for Android apps, and identify three desiderata for an effective risk scoring scheme. We propose to use probabilistic generative models for risk scoring schemes, and identify several such models, ranging from the simple Naive Bayes, to advanced hierarchical mixture models. Experimental results conducted using real-world datasets show that probabilistic general models significantly outperform existing approaches, and that Naive Bayes models give a promising risk scoring approach.
Article
Full-text available
Mobile malware is rapidly becoming a serious threat. In this paper, we survey the current state of mobile malware in the wild. We analyze the incentives behind 46 pieces of iOS, Android, and Symbian malware that spread in the wild from 2009 to 2011. We also use this data set to evaluate the effectiveness of techniques for preventing and identifying mobile malware. After observing that 4 pieces of malware use root exploits to mount sophisticated attacks on Android phones, we also examine the incentives that cause non-malicious smartphone tinkerers to publish root exploits and survey the availability of root exploits.
Article
Full-text available
Opinionated social media such as product reviews are now widely used by individuals and organizations for their decision making. However, due to the reason of profit or fame, people try to game the system by opinion spamming (e.g., writing fake reviews) to promote or demote some target products. For reviews to reflect genuine user experiences and opinions, such spam reviews should be detected. Prior works on opinion spam focused on detecting fake reviews and individual fake reviewers. However, a fake reviewer group (a group of reviewers who work collaboratively to write fake reviews) is even more damaging as they can take total control of the sentiment on the target product due to its size. This paper studies spam detection in the collaborative setting, i.e., to discover fake reviewer groups. The proposed method first uses a frequent itemset mining method to find a set of candidate groups. It then uses several behavioral models derived from the collusion phenomenon among fake reviewers and relation models based on the relationships among groups, individual reviewers, and products they reviewed to detect fake reviewer groups. Additionally, we also built a labeled dataset of fake reviewer groups. Although labeling individual fake reviews and reviewers is very hard, to our surprise labeling fake reviewer groups is much easier. We also note that the proposed technique departs from the traditional supervised learning approach for spam detection because of the inherent nature of our problem which makes the classic supervised learning approach less effective. Experimental results show that the proposed method outperforms multiple strong baselines including the state-of-the-art supervised classification, regression, and learning to rank algorithms.
Conference Paper
Full-text available
Android provides third-party applications with an extensive API that includes access to phone hardware, settings, and user data. Access to privacy- and security-relevant parts of the API is controlled with an install-time application permission system. We study Android applications to determine whether Android developers follow least privilege with their permission requests. We built Stowaway, a tool that detects overprivilege in compiled Android applications. Stowaway determines the set of API calls that an application uses and then maps those API calls to permissions. We used automated testing tools on the Android API in order to build the permission map that is necessary for detecting overprivilege. We apply Stowaway to a set of 940 applications and find that about one-third are overprivileged. We investigate the causes of overprivilege and find evidence that developers are trying to follow least privilege but sometimes fail due to insufficient API documentation.
Conference Paper
Full-text available
Smartphones are increasingly ubiquitous, and many users carry multiple phones to accommodate work, personal, and geographic mobility needs. We present Cells, a virtualization architecture for enabling multiple virtual smartphones to run simultaneously on the same physical cellphone in an isolated, secure manner. Cells introduces a usage model of having one foreground virtual phone and multiple background virtual phones. This model enables a new device namespace mechanism and novel device proxies that integrate with lightweight operating system virtualization to multiplex phone hardware across multiple virtual phones while providing native hardware device performance. Cells virtual phone features include fully accelerated 3D graphics, complete power, management features, and full telephony functionality with separately assignable telephone numbers and caller ID support. We have implemented a prototype of Cells that supports multiple Android virtual phones on the same phone. Our performance results demonstrate that Cells imposes only modest runtime and memory overhead, works seamlessly across multiple hardware devices including Google Nexus 1 and Nexus S phones, and transparently runs Android applications at native speed without any modifications.
Article
Full-text available
Consumers increasingly rate, review and research products online. Consequently, websites containing consumer reviews are becoming targets of opinion spam. While recent work has focused primarily on manually identifiable instances of opinion spam, in this work we study deceptive opinion spam---fictitious opinions that have been deliberately written to sound authentic. Integrating work from psychology and computational linguistics, we develop and compare three approaches to detecting deceptive opinion spam, and ultimately develop a classifier that is nearly 90% accurate on our gold-standard opinion spam dataset. Based on feature analysis of our learned models, we additionally make several theoretical contributions, including revealing a relationship between deceptive opinions and imaginative writing.
Article
Full-text available
Sentiment analysis of microblogs such as Twitter has recently gained a fair amount of attention. One of the simplest sentiment analysis approaches compares the words of a posting against a labeled word list, where each word has been scored for valence, -- a 'sentiment lexicon' or 'affective word lists'. There exist several affective word lists, e.g., ANEW (Affective Norms for English Words) developed before the advent of microblogging and sentiment analysis. I wanted to examine how well ANEW and other word lists performs for the detection of sentiment strength in microblog posts in comparison with a new word list specifically constructed for microblogs. I used manually labeled postings from Twitter scored for sentiment. Using a simple word matching I show that the new word list may perform better than ANEW, though not as good as the more elaborate approach found in SentiStrength.
Article
How does Google sell ad space and rank webpages? How does Netflix recommend movies and Amazon rank products? How can you influence people on Facebook and Twitter and can you really reach anyone in six steps? Why doesn't the Internet collapse under congestion and does it have an Achilles' heel? Why are you charged per gigabyte for mobile data and how can Skype and BitTorrent be free? How are cloud services so scalable and why is WiFi slower at hotspots than at home? Driven by twenty real-world questions about our networked lives, this book explores the technology behind the multi-trillion dollar Internet and wireless industries. Providing easily understandable answers for the casually curious, alongside detailed explanations for those looking for in-depth discussion, this thought-provoking book is essential reading for students in engineering, science and economics, for network industry professionals and anyone curious about how technological and social networks really work.
Conference Paper
Traditional user-based permission systems assign the user's full privileges to all applications. Modern platforms are transitioning to a new model, in which each application has a different set of permissions based on its requirements. Application permissions offer several advantages over traditional user-based permissions, but these benefits rely on the assumption that applications generally require less than full privileges. We explore whether that assumption is realistic, which provides insight into the value of application permissions. We perform case studies on two platforms with application permissions, the Google Chrome extension system and the Android OS. We collect the permission requirements of a large set of Google Chrome extensions and Android applications. From this data, we evaluate whether application permissions are effective at protecting users. Our results indicate that application permissions can have a positive impact on system security when applications' permission requirements are declared up-front by the developer, but can be improved.
Conference Paper
Computing power is shifting from local computers to a globally distributed system of servers. Data that used to be stored on the user's machine as well as applications that process this data are now part of the “cloud”. While there are various advantages in doing so such as cost, performance and availability; security and trust relationships now become major issues. For instance, in the cloud, computations (i.e. data processing) are often distributed among multiple servers which are not necessarily controlled by the user or even a single entity. Therefore, the user needs to determine what part of the processing that produced the results can and cannot be trusted. In order to secure individual resources such as individual applications, operating systems and hypervisors in the cloud we have developed a new framework which embeds them in an armor that protects the resources. The armor works by constantly monitoring and evaluating the environment surrounding the armor and checking the resources it is protecting in order to assess the trustworthiness of cloud resources. Based on these assessments and trust relationships with other armor components it makes decisions such as redeployment or migration in the event that resources have been compromised. The framework provides mechanisms for extracting measurements from resources and derives a trustworthiness assessment for each measurement (of whether it has been compromised) based on a rich set of data and meta information from multiple resources and contexts. This includes a rigorous process of how to derive confidence intervals from data by evaluating history, expected behavior and context information. Furthermore, we present a flexible decision scheme which allows for the estimation of belief that a resource has been compromised based on the assessment and confidence intervals of the individual measurements, their meta information and context.
Article
Bell System Technical Journal, also pp. 623-656 (October)
Article
An abstract is not available.
Pseudonyms drive communities
  • Disqus