Sena Sahin (Georgia Institute of Technology), Burak Sahin (Georgia Institute of Technology), Frank Li (Georgia Institute of Technology)

Many online platforms monitor the account login activities of their users to detect unauthorized login attempts. Upon detecting anomalous activity, these platforms send suspicious login notifications to their users. These notifications serve to inform users about the login activity in sufficient detail for them to ascertain its legitimacy and take remedial actions if necessary. Despite the prevalence of these notifications, limited research has explored how users engage with them and how they can be effectively designed.

In this paper, we examine user engagement with email-based suspicious login notifications, focusing on real-world practices. We collect and analyze notifications currently in use to establish
an empirical foundation for common design elements. We focus our study on designs used by online platforms rather than exploring all possible design options. Thus, these design options
are likely supported by real-world online platforms based on the login data they can realistically provide. Then, we investigate how these design elements influence users to read the notification, validate its authenticity, diagnose the login attempt, and determine appropriate remedial steps. By conducting online semi-structured interviews with 20 US-based participants, we investigate their
past experiences and present them with design elements employed by top online platforms to identify what design elements work best. Our findings highlight the practical design options that
enhance users’ understanding and engagement, providing recommendations for deploying effective notifications and identifying future directions for the security community.

View More Papers

The Power of Words: A Comprehensive Analysis of Rationales...

Yusra Elbitar (CISPA Helmholtz Center for Information Security), Alexander Hart (CISPA Helmholtz Center for Information Security), Sven Bugiel (CISPA Helmholtz Center for Information Security)

Read More

Decoupling Permission Management from Cryptography for Privacy-Preserving Systems

Ruben De Smet (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), Tom Godden (Department of Engineering Technology (INDI), Vrije Universiteit Brussel), Kris Steenhaut (Department of Engineering Technology (INDI), Department of Electronics and Informatics (ETRO), Vrije Universiteit Brussel), An Braeken (Department of Engineering Technology (INDI), Vrije Universiteit Brussel)

Read More

Feedback-Guided API Fuzzing of 5G Network

Tianchang Yang (Pennsylvania State University), Sathiyajith K S (Pennsylvania State University), Ashwin Senthil Arumugam (Pennsylvania State University), Syed Rafiul Hussain (Pennsylvania State University)

Read More

GAP-Diff: Protecting JPEG-Compressed Images from Diffusion-based Facial Customization

Haotian Zhu (Nanjing University of Science and Technology), Shuchao Pang (Nanjing University of Science and Technology), Zhigang Lu (Western Sydney University), Yongbin Zhou (Nanjing University of Science and Technology), Minhui Xue (CSIRO's Data61)

Read More