TY - GEN
T1 - Designing for fallible humans
AU - Mirkovic, Jelena
AU - Woo, Simon
N1 - Publisher Copyright: © 2019 IEEE.
PY - 2019/12
Y1 - 2019/12
N2 - Security and privacy solutions today are designed with an assumption of a rational user. System designers assume that the user is able to review all information shown to them, consider it along with other information they have and their priorities, and make a conscious, rational decision in their best interest. We all know that these assumptions are wrong. Even worse, they are simply excuses for technology-centric, best-effort design. This paper argues for designing for fallible humans, taking into account human cognitive limitations, human bias and human preferences. Such design means anticipating human error and compensating for it with built-in safeguards; it means presenting information in a way palatable to humans; it means soliciting user input and working collaboratively with the user's cognitive biases and preferences. It means helping users weave security and privacy into their daily routine, and not view them as obstacles or overhead to other, more desirable tasks.
KW - Bounded rationality, human factor, cognitive bias, cybersecurity, privacy, passwords
UR - https://www.scopus.com/pages/publications/85080864742
U2 - 10.1109/CIC48465.2019.00042
DO - 10.1109/CIC48465.2019.00042
M3 - Conference contribution
AN - SCOPUS:85080864742
T3 - Proceedings - 2019 IEEE 5th International Conference on Collaboration and Internet Computing, CIC 2019
SP - 298
EP - 305
BT - Proceedings - 2019 IEEE 5th International Conference on Collaboration and Internet Computing, CIC 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 5th IEEE International Conference on Collaboration and Internet Computing, CIC 2019
Y2 - 12 December 2019 through 14 December 2019
ER -