While updates in computer security have made it generally easier for the everyday user to avoid malware or malicious websites, not everyone is safe from technological bugs or cyber attacks.
Studies have shown that visually impaired people may have a harder time avoiding web viruses because prevention tools aren’t very successful in catching visual cues.
Computer science master’s graduate Elaine Lau decided to delve into the discrepancy.
She presented her research “A Research Framework and Initial Study of Browser Security for the Visually Impaired” alongside faculty member Zachary Peterson at the USENIX Security Symposium in Anaheim, California.
Their work explores how the visually impaired experience browser security warnings, establishes best practices in conducting this type of research and makes suggestions on how to improve online safety for this population.
“I was interested in the intersection of privacy and security with UX research and accessibility,” Lau explained. “When I began thinking about topics to research for my master’s thesis, I discovered that while there was some research related to improving web security for the visually impaired, there were virtually no studies related to browser security warnings with this population.”
Lau decided to focus on this topic with the hopes of finding solutions to make web use more accessible.
“I realized that having good vision to be able to view and heed warnings is a privilege that not everyone has, and it’s important to ensure that browser warnings can be effective for all populations,” she concluded.
Lau interviewed visually impaired people as part of her research to determine their pain points when it came to browser warnings.
“Browser security warnings – including SSL, malware and phishing warnings – use visual elements such as iconography, text size, color and images to deter users from moving on to the potentially unsafe websites and bring users’ attention to the safer choice of returning to the previous page or another safe website,” Lau explained.
These visual techniques aren’t as effective for visually impaired users. Screen readers or other assistive technology don’t catch the virus warnings as successfully as the human eye.
“Screen readers convert text to audio, and it’s not clear whether the aural representation of the browser warning has a similar effectiveness for ensuring warning compliance,” Lau said.
The master’s student used feedback from the interview subjects to determine how to improve browser security for that demographic and was able to present her findings at the USENIX Security Symposium.
“Forums like the USENIX Security Symposium are accepting more research papers in the realm of accessibility and inclusivity,” she said. “For those of us who are sighted, we see warnings everywhere, such as octagonal stop signs or hazard lights on the road or even stickers on products alerting us to dangerous uses. There are similar warnings to keep us from danger on the web, too.”
Lau, who is now working as a software engineer at TriMet, shares her gratitude for her master’s thesis committee members, Dr. Franz Kurfess and Dr. Bruce DeBruhl, and her master’s thesis advisor, Peterson.
“While Cal Poly SLO is not typically considered to be a research-heavy institution, I am incredibly proud to have had my education here learning from the wonderful Computer Science Department faculty who are second to none,” she shared.
Lau encourages undergraduate students considering research opportunities to pursue their interests while at Cal Poly, noting the abundance of faculty members ready and eager to help guide the way.
To learn more about Lau’s research findings, click here.
By Taylor Villanueva
