Smartphones and other mobile devices have proliferated in the past five years. The expectation of mobile device users to always be online has led to Wi-Fi networks being offered by a variety of providers. Using these networks introduces multiple security risks. In this work, we assess to what extent the privacy stance of mobile device users corresponds with their actual behavior by conducting a study with 108 participants. Our methodology consists of monitoring Wi-Fi networks that the participants’ devices connect to and the connections made by apps on these devices, for a period of 30 days. Afterwards, participants are surveyed about their awareness and privacy sensitiveness. We show that while a higher expertise in computer networks corresponds to more awareness about the connections made by apps, neither this expertise nor the actual privacy stance of the participant translates to better security habits. Moreover, participants in general were unaware about a significant part of connections made by apps on their devices, a matter that is worsened by the fact that one third of Wi-Fi networks that participants connect to do not have any security enabled. Based on our results, we provide recommendations to network providers, developers and users on how to improve Wi-Fi security for mobile devices.
This is an open access article distributed under the Creative Commons Attribution License
which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited