Abstract
Users from developing nations, such as Bangladesh, had a rather late entry into the information highway and may not be equally aware of the different secure practices on the Internet. Such behaviors include awareness of security technologies, having similar/dissimilar passwords, frequency of changing passwords, saving passwords on browsers, and verifying authenticity of visited websites. The category of services being accessed as well as the type of devices being used may implicate the level of exposure to identity theft threats. Unfortunately, users never behave in the expected manner in terms of practicing secure technologies. In this paper, we present a study on security-aware usage of passwords and Internet-based services for users from Bangladesh. We conducted an online survey on a total of 1682 Bangladeshi Internet users in English and Bengali language. We analyzed the survey statistics to study the general trend of behavior, practices, and expectations pertaining to secure Internet usage and identity preservation. We posit that such a study can help researchers identify the weakest-link of Internet safety and focus on building secure technologies to protect users from online crimes in developing countries.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Anderson, R., Moore, T.: Information security: where computer science, economics and psychology meet. Philos. Trans. R. Soc. A Math. Phys. Eng. Sci. 367(1898), 2717–2727 (2009)
Auchard, E.: Smartphones at Risk: Vulnerable to Stolen Passwords, Data Theft, August 2014. http://www.carriermanagement.com/news/2014/08/05/127054.htm
Bangladesh Telecommunication Regulatory Commission: Internet Subscribers in Bangladesh, January 2015. http://www.btrc.gov.bd/content/internet-subscribers-bangladesh-january-2015
Bureau of Justice Statistics: Identity Theft Supplement (ITS) to the National Crime Victimization Survey (2012). http://www.bjs.gov/content/pub/pdf/vit12.pdf
Chen, J., Paik, M., McCabe, K.: Exploring internet security perceptions and practices in Urban Ghana. In: Proceedings of SOUPS. Usenix (2014)
Cybenko, G.: Why Johnny can’t evaluate security risk. IEEE S&P 4(1), 5 (2006)
Florencio, D., Herley, C.: A large-scale study of web password habits. In: Proceedings of WWW. ACM (2007)
Herzberg, A.: Why Johnny can’t surf (safely)? Attacks and defenses for web users. Comput. Secur. 28(1–2), 63–71 (2009)
Hull, G., Lipford, H.R., Latulipe, C.: Contextual gaps: privacy issues on Facebook. Ethics Inf. Technol. 13(4), 289–302 (2011)
Inglesant, P.G., Sasse, M.A.: The true cost of unusable password policies: password use in the wild. In: Proceedings of SIGCHI. ACM (2010)
Kang, R., Brown, S., Kiesler, S.: Why do people seek anonymity on the internet? Informing policy and design. In: Proceedings of SIGCHI. ACM (2013)
Khan, R., Hasan, R.: The story of naive alice: behavioral analysis of susceptible users on the internet. In: Proceedings of COMPSAC. IEEE (2016)
Khan, R., Mizan, M., Hasan, R., Sprague, A.: Hot zone identification: analyzing effects of data sampling on spam clustering. JDFSL 9(1), 67–82 (2014)
Kumaraguru, P., Cranor, L.: Privacy in India: attitudes and awareness. In: Danezis, G., Martin, D. (eds.) PET 2005. LNCS, vol. 3856, pp. 243–258. Springer, Heidelberg (2006). https://doi.org/10.1007/11767831_16
Kumaraguru, P., Sachdeva, N.: Privacy in India: attitudes and awareness v 2.0. Available at SSRN 2188749 (2012)
Lee, S., Kim, Y., Lee, B.G.: Determinants of voluntary self-disclosure in the usage of micro-blog. In: Proceedings of ICONI, December 2010
Lipka, M.: Rise in Identity Fraud Tied to Smartphone Use, February 2012. http://www.reuters.com/article/2012/02/22/us-idtheft-javelin-idUSTRE81L16520120222. Reuters
Moore, T., Clayton, R., Anderson, R.: The economics of online crime. J. Econ. Perspect. 23(3), 3–20 (2009)
National Consumers League: The consumer data insecurity report: examining the data breach - identity fraud paradigm in four major metropolitan areas. Technical report, Javelin Strategy & Research (2014)
Oh, H.K., Jin, S.H.: The security limitations of SSO in OpenID. In: Proceedings of ICACT (2008)
Pascual, A.: Identity fraud report: card data breaches and inadequate consumer password habits fuel disturbing fraud trends. Technical report, Javelin Strategy & Research (2014)
Poushter, J., Carle, J., Bell, J., Wike, R., Cuddington, D., Devlin, K., Keegan, M., Parker, B., Simmons, K., Stokes, B., Deane, C., Drake, B., Kent, D., Schwarzer, S., Smith, B., Zainulbhai, H.: Internet seen as positive influence on education but negative on morality in emerging and developing nations. Pew Research Center Studies, March 2015
Reynolds, J.K.: RFC1135: The Helminthiasis of the Internet, December 1989. http://tools.ietf.org/html/rfc1135
Ross, B., Jackson, C., Miyake, N., Boneh, D., Mitchell, J.C.: Stronger password authentication using browser extensions. In: Proceedings of Usenix Security (2005)
Shay, R., Komanduri, S., Kelley, P.G., Leon, P.G., Mazurek, M.L., Bauer, L., Christin, N., Cranor, L.F.: Encountering stronger password requirements: user attitudes and behaviors. In: Proceedings of SOUPS. ACM (2010)
Sheng, S., Broderick, L., Koranda, C.A., Hyland, J.J.: Why Johnny still can’t encrypt: evaluating the usability of email encryption software. In: Proceedings of SOUPS. Usenix (2006)
Stanton, J.M., Stam, K.R., Mastrangelo, P., Jolton, J.: Analysis of end user security behaviors. Comput. Secur. 24(2), 124–133 (2005)
The World Bank: Bangladesh - leveraging ICT for governance, growth, and employment project (2012)
United Nations: World population prospects: the 2012 revision, highlights and advance tables. Economics and Social Affairs (2013)
Wagner, C., Mitter, S., Körner, C., Strohmaier, M.: When social bots attack: modeling susceptibility of users in online social networks. In: Proceedings of MSM. Citeseer (2012)
W3Techs Web Technology Surveys: Usage of Content Languages for Websites, January 2015. http://w3techs.com/technologies/overview/content_language/all
Yan, J.J., Blackwell, A.F., Anderson, R.J., Grant, A.: Password memorability and security: empirical results. IEEE S&P 2(5), 25–31 (2004)
Acknowledgment
This research was supported by the National Science Foundation CAREER Award CNS-1351038, ACI-1642078, and DGE-1723768.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Khan, R., Hasan, R. (2018). Security-Aware Passwords and Services Usage in Developing Countries: A Case Study of Bangladesh. In: Ferreira, J., Spanoudakis, G., Ma, Y., Zhang, LJ. (eds) Services Computing – SCC 2018. SCC 2018. Lecture Notes in Computer Science(), vol 10969. Springer, Cham. https://doi.org/10.1007/978-3-319-94376-3_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-94376-3_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-94375-6
Online ISBN: 978-3-319-94376-3
eBook Packages: Computer ScienceComputer Science (R0)