Welcome to the upgraded BRAC University Institutional Repository. We are currently organizing collections after a recent system upgrade. Homepage category counters may temporarily show lower numbers while syncing, but over 27,000 repository items remain safe and accessible. Please use the search bar to find theses, scholarly outputs, and institutional documents.

Tracko: boosting mobile security through user incentives and privacy controls

Citation

Abstract

With smartphone upgrading, it results in the enhancement of mobile security tools. Nevertheless, the majority of users do not adhere to simple privacy practices, leaving them exposed to threats, such as malware, phishing, and unauthorized access to their data. Options like PIN locks, fingerprint sensors, and app permissions are underused not as ineffective ones but simply because users are either unaware of them or fail to find the necessary motivation. This mismatch between what is available and what is used by users is where we start our research. In order to gain a better grasp of what users care about and what keeps them from using security features, we started with a survey of 363 participants. Our goal was to understand actual user patterns—how they actually handle app permissions, which security tools they may like and how much control they feel they have over their privacy. The results demonstrated that most users want simple, easy-to-understand tools that not only alert them about risks but also guide them in making smarter decisions. Based on these findings, to ensure mobile security, we developed a mobile prototype named TRACKO that placed emphasis on both usability and engagement. The prototype includes two core features. Firstly, a categorized permission system analyzes the access each app wants to what is normally needed for that type of app (for example, a calculator asking for location data) and immediately notifies users about anything that is not necessary. Secondly, a system of rewarding points where users can earn points through secure behavior, such as setting PIN passwords or biometric locks, denying third-party app installation and managing app permission sensitivity. People who are careful about security get points for doing these things, which makes privacy more like a game. We then tested the prototype with 41 real users for one week and conducted a semi-structured interview. The evaluation showed promising results. Users understood permission-related risks with having a change of their behavior—taking more control over app permissions, adjusting settings they had previously ignored, and becoming more careful overall. In short, when security tools are made more transparent and rewarding, people are more likely to use them. This study highlights that improvement of mobile security is not just about increased functionalities—it is about designing experiences to help everyday users to make safer choices.

Description

Cataloged from PDF version of thesis.
Includes bibliographical references (pages 96-103).
This thesis is submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Computer Science and Engineering, 2025.

Publisher Link

Type

Thesis