ABSTRACT
The purpose of this study is to better understand, from an explorative qualitative perspective, the motivations and practices of highly security-conscious users of mobile authentication, and their underlying mental models of those behaviours. Mobile authentication studies have largely overlooked the mindset of these users in the upper bound of security experience, who have considered their behaviour in terms of detailed knowledge of mobile authentication risk. Twenty IT professionals who self-identified as security-conscious mobile device users, many with decades of intensive security-specific experience, were interviewed for this study regarding their opinions and experiences with mobile device authentication and security. These users described usability and situational impairment issues, as well as a deep concern for their identity and data security arising from highly contextual combinations of distrust towards underlying technologies and situational risk. Derived implications for development of security methods adapted to these informed perspectives are discussed and will be the basis for follow-on research comparing these findings with everyday users.
Disclosure statement
No potential conflict of interest was reported by the authors.