This post is also available in: עברית (Hebrew)
Personal information theft is one of the greatest risk factors for users online. Malicious websites that install malware designed to steal banking credentials, phishing email tailored to individuals, unsecured connections – all these are viable and frequent attack vectors. Often, though, the problems is simpler. Many users are unaware of which websites are safe, and how to recognise the unsafe ones; moreover, many users are careless with information, unsuspecting of the danger divulging sensitive information puts them in.
Researchers at the University of Alabama in Huntsville could be onto a solution that will help users remain safe online by warning them when they are about to give away sensitive personal information online.
Dr Frank Zhu, a computer science associate professor, and Dr Sandra Carpenter, a psychology professor, are investigating an eye-tracking solution that was originally developed for use in behavioral research involving digital information disclosure. The software is showing promise in giving dynamic warnings dependent on user behaviour and in a contextual manner that is more effective and less likely to be dismissed.
The tracker works by detecting where a user’s gaze lingers on a page. This is then analysed against the layout of the page. If the software detects a user’s gaze remains on a request for sensitive information, an alert is then displayed, warning the user of the risk. The warning box remains on the screen for long enough to make sure it has been read, and disappears when the user looks away.
“That’s the novelty here, is using the eye tracker as an input to warn people what not to do,” says Dr Zhu.
To make the warning fresh and relevant every time, the alert box pops up at random and unpredictable areas of the screen.
“If you get a warning every single time and it becomes annoying or habitual, you are going to ignore it,” says Dr Carpenter.